@strapi/plugin-users-permissions 0.0.0-next.e50ef5e2ea57ecf3da5bcf308508b51ee3c0deca → 0.0.0-next.e5b87a54008c9de2b3286a4774635dcf69895d9b

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/admin/src/components/Permissions/PermissionRow/SubCategory.jsx +8 -1
  2. package/admin/src/components/Policies/index.jsx +1 -0
  3. package/admin/src/components/UsersPermissions/index.jsx +1 -0
  4. package/admin/src/pages/AdvancedSettings/index.jsx +1 -0
  5. package/admin/src/pages/EmailTemplates/components/EmailForm.jsx +2 -1
  6. package/admin/src/pages/Providers/index.jsx +74 -76
  7. package/admin/src/pages/Roles/pages/CreatePage.jsx +26 -8
  8. package/admin/src/pages/Roles/pages/EditPage.jsx +13 -7
  9. package/admin/src/pages/Roles/pages/ListPage/index.jsx +92 -93
  10. package/admin/src/translations/de.json +27 -2
  11. package/admin/src/translations/en.json +1 -0
  12. package/dist/admin/components/FormModal/Input/index.js.map +1 -1
  13. package/dist/admin/components/FormModal/Input/index.mjs.map +1 -1
  14. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js +3 -1
  15. package/dist/admin/components/Permissions/PermissionRow/SubCategory.js.map +1 -1
  16. package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs +3 -1
  17. package/dist/admin/components/Permissions/PermissionRow/SubCategory.mjs.map +1 -1
  18. package/dist/admin/components/Permissions/PermissionRow/index.js.map +1 -1
  19. package/dist/admin/components/Permissions/PermissionRow/index.mjs.map +1 -1
  20. package/dist/admin/components/Policies/index.js +1 -0
  21. package/dist/admin/components/Policies/index.js.map +1 -1
  22. package/dist/admin/components/Policies/index.mjs +1 -0
  23. package/dist/admin/components/Policies/index.mjs.map +1 -1
  24. package/dist/admin/components/UsersPermissions/index.js +1 -0
  25. package/dist/admin/components/UsersPermissions/index.js.map +1 -1
  26. package/dist/admin/components/UsersPermissions/index.mjs +1 -0
  27. package/dist/admin/components/UsersPermissions/index.mjs.map +1 -1
  28. package/dist/admin/pages/AdvancedSettings/index.js +1 -0
  29. package/dist/admin/pages/AdvancedSettings/index.js.map +1 -1
  30. package/dist/admin/pages/AdvancedSettings/index.mjs +1 -0
  31. package/dist/admin/pages/AdvancedSettings/index.mjs.map +1 -1
  32. package/dist/admin/pages/EmailTemplates/components/EmailForm.js +2 -1
  33. package/dist/admin/pages/EmailTemplates/components/EmailForm.js.map +1 -1
  34. package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs +2 -1
  35. package/dist/admin/pages/EmailTemplates/components/EmailForm.mjs.map +1 -1
  36. package/dist/admin/pages/Providers/index.js +84 -88
  37. package/dist/admin/pages/Providers/index.js.map +1 -1
  38. package/dist/admin/pages/Providers/index.mjs +84 -88
  39. package/dist/admin/pages/Providers/index.mjs.map +1 -1
  40. package/dist/admin/pages/Roles/pages/CreatePage.js +15 -1
  41. package/dist/admin/pages/Roles/pages/CreatePage.js.map +1 -1
  42. package/dist/admin/pages/Roles/pages/CreatePage.mjs +17 -3
  43. package/dist/admin/pages/Roles/pages/CreatePage.mjs.map +1 -1
  44. package/dist/admin/pages/Roles/pages/EditPage.js +14 -3
  45. package/dist/admin/pages/Roles/pages/EditPage.js.map +1 -1
  46. package/dist/admin/pages/Roles/pages/EditPage.mjs +15 -4
  47. package/dist/admin/pages/Roles/pages/EditPage.mjs.map +1 -1
  48. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.js.map +1 -1
  49. package/dist/admin/pages/Roles/pages/ListPage/components/TableBody.mjs.map +1 -1
  50. package/dist/admin/pages/Roles/pages/ListPage/index.js +96 -99
  51. package/dist/admin/pages/Roles/pages/ListPage/index.js.map +1 -1
  52. package/dist/admin/pages/Roles/pages/ListPage/index.mjs +96 -99
  53. package/dist/admin/pages/Roles/pages/ListPage/index.mjs.map +1 -1
  54. package/dist/admin/translations/de.json.js +27 -2
  55. package/dist/admin/translations/de.json.js.map +1 -1
  56. package/dist/admin/translations/de.json.mjs +27 -2
  57. package/dist/admin/translations/de.json.mjs.map +1 -1
  58. package/dist/admin/translations/en.json.js +1 -0
  59. package/dist/admin/translations/en.json.js.map +1 -1
  60. package/dist/admin/translations/en.json.mjs +1 -0
  61. package/dist/admin/translations/en.json.mjs.map +1 -1
  62. package/dist/admin/utils/getTrad.js.map +1 -1
  63. package/dist/admin/utils/getTrad.mjs.map +1 -1
  64. package/dist/admin/utils/prefixPluginTranslations.js.map +1 -1
  65. package/dist/admin/utils/prefixPluginTranslations.mjs.map +1 -1
  66. package/dist/server/bootstrap/index.js +28 -7
  67. package/dist/server/bootstrap/index.js.map +1 -1
  68. package/dist/server/bootstrap/index.mjs +28 -7
  69. package/dist/server/bootstrap/index.mjs.map +1 -1
  70. package/dist/server/config.js +16 -0
  71. package/dist/server/config.js.map +1 -1
  72. package/dist/server/config.mjs +16 -0
  73. package/dist/server/config.mjs.map +1 -1
  74. package/dist/server/controllers/auth.js +204 -3
  75. package/dist/server/controllers/auth.js.map +1 -1
  76. package/dist/server/controllers/auth.mjs +204 -3
  77. package/dist/server/controllers/auth.mjs.map +1 -1
  78. package/dist/server/controllers/content-manager-user.js +3 -3
  79. package/dist/server/controllers/content-manager-user.js.map +1 -1
  80. package/dist/server/controllers/content-manager-user.mjs +3 -3
  81. package/dist/server/controllers/content-manager-user.mjs.map +1 -1
  82. package/dist/server/controllers/validation/user.js +6 -1
  83. package/dist/server/controllers/validation/user.js.map +1 -1
  84. package/dist/server/controllers/validation/user.mjs +6 -1
  85. package/dist/server/controllers/validation/user.mjs.map +1 -1
  86. package/dist/server/graphql/resolvers-configs.js.map +1 -1
  87. package/dist/server/graphql/resolvers-configs.mjs.map +1 -1
  88. package/dist/server/middlewares/rateLimit.js.map +1 -1
  89. package/dist/server/middlewares/rateLimit.mjs.map +1 -1
  90. package/dist/server/routes/content-api/auth.js +155 -91
  91. package/dist/server/routes/content-api/auth.js.map +1 -1
  92. package/dist/server/routes/content-api/auth.mjs +155 -91
  93. package/dist/server/routes/content-api/auth.mjs.map +1 -1
  94. package/dist/server/routes/content-api/index.js +11 -9
  95. package/dist/server/routes/content-api/index.js.map +1 -1
  96. package/dist/server/routes/content-api/index.mjs +11 -9
  97. package/dist/server/routes/content-api/index.mjs.map +1 -1
  98. package/dist/server/routes/content-api/permissions.js +14 -7
  99. package/dist/server/routes/content-api/permissions.js.map +1 -1
  100. package/dist/server/routes/content-api/permissions.mjs +14 -7
  101. package/dist/server/routes/content-api/permissions.mjs.map +1 -1
  102. package/dist/server/routes/content-api/role.js +61 -27
  103. package/dist/server/routes/content-api/role.js.map +1 -1
  104. package/dist/server/routes/content-api/role.mjs +61 -27
  105. package/dist/server/routes/content-api/role.mjs.map +1 -1
  106. package/dist/server/routes/content-api/user.js +119 -57
  107. package/dist/server/routes/content-api/user.js.map +1 -1
  108. package/dist/server/routes/content-api/user.mjs +119 -57
  109. package/dist/server/routes/content-api/user.mjs.map +1 -1
  110. package/dist/server/routes/content-api/validation.js +217 -0
  111. package/dist/server/routes/content-api/validation.js.map +1 -0
  112. package/dist/server/routes/content-api/validation.mjs +215 -0
  113. package/dist/server/routes/content-api/validation.mjs.map +1 -0
  114. package/dist/server/services/constants.js +19 -0
  115. package/dist/server/services/constants.js.map +1 -0
  116. package/dist/server/services/constants.mjs +17 -0
  117. package/dist/server/services/constants.mjs.map +1 -0
  118. package/dist/server/services/jwt.js +45 -2
  119. package/dist/server/services/jwt.js.map +1 -1
  120. package/dist/server/services/jwt.mjs +45 -2
  121. package/dist/server/services/jwt.mjs.map +1 -1
  122. package/dist/server/services/providers-registry.js.map +1 -1
  123. package/dist/server/services/providers-registry.mjs.map +1 -1
  124. package/dist/server/services/role.js.map +1 -1
  125. package/dist/server/services/role.mjs.map +1 -1
  126. package/dist/server/services/user.js +29 -20
  127. package/dist/server/services/user.js.map +1 -1
  128. package/dist/server/services/user.mjs +29 -20
  129. package/dist/server/services/user.mjs.map +1 -1
  130. package/dist/server/services/users-permissions.js +12 -3
  131. package/dist/server/services/users-permissions.js.map +1 -1
  132. package/dist/server/services/users-permissions.mjs +12 -3
  133. package/dist/server/services/users-permissions.mjs.map +1 -1
  134. package/package.json +13 -12
  135. package/server/bootstrap/index.js +31 -0
  136. package/server/config.js +22 -0
  137. package/server/controllers/auth.js +246 -8
  138. package/server/controllers/content-manager-user.js +3 -4
  139. package/server/controllers/validation/user.js +12 -1
  140. package/server/routes/content-api/auth.js +119 -71
  141. package/server/routes/content-api/index.js +11 -4
  142. package/server/routes/content-api/permissions.js +14 -7
  143. package/server/routes/content-api/role.js +57 -27
  144. package/server/routes/content-api/user.js +108 -51
  145. package/server/routes/content-api/validation.js +250 -0
  146. package/server/services/constants.js +9 -0
  147. package/server/services/jwt.js +50 -2
  148. package/server/services/user.js +11 -0
  149. package/server/services/users-permissions.js +6 -2
package/dist/server/routes/content-api/validation.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validation.mjs","sources":["../../../../server/routes/content-api/validation.js"],"sourcesContent":["'use strict';\n\nconst { AbstractRouteValidator } = require('@strapi/utils');\nconst z = require('zod/v4');\n\nclass UsersPermissionsRouteValidator extends AbstractRouteValidator {\n constructor(strapi) {\n super();\n this._strapi = strapi;\n }\n\n get userSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n username: z.string(),\n email: z.string(),\n provider: z.string(),\n confirmed: z.boolean(),\n blocked: z.boolean(),\n role: z\n .union([\n z.number(),\n z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n ])\n .optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n });\n }\n\n get roleSchema() {\n return z.object({\n id: z.number(),\n documentId: z.string(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n createdAt: z.string(),\n updatedAt: z.string(),\n publishedAt: z.string(),\n nb_users: z.number().optional(),\n permissions: z\n .record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n )\n .optional(),\n users: z.array(z.unknown()).optional(),\n });\n }\n\n get permissionSchema() {\n return z.object({\n id: z.number(),\n action: z.string(),\n role: z.object({\n id: z.number(),\n name: z.string(),\n description: z.string().nullable(),\n type: z.string(),\n }),\n createdAt: z.string(),\n updatedAt: z.string(),\n });\n }\n\n get authResponseSchema() {\n return z.object({\n jwt: z.string(),\n refreshToken: z.string().optional(),\n user: this.userSchema,\n });\n }\n\n get authResponseWithoutJwtSchema() {\n return z.object({\n user: this.userSchema,\n });\n }\n\n get authRegisterResponseSchema() {\n return z.union([this.authResponseSchema, this.authResponseWithoutJwtSchema]);\n }\n\n get forgotPasswordResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get sendEmailConfirmationResponseSchema() {\n return z.object({\n email: z.string(),\n sent: z.boolean(),\n });\n }\n\n get rolesResponseSchema() {\n return z.object({\n roles: z.array(this.roleSchema),\n });\n }\n\n get roleResponseSchema() {\n return z.object({\n role: this.roleSchema,\n });\n }\n\n get roleSuccessResponseSchema() {\n return z.object({\n ok: z.boolean(),\n });\n }\n\n get permissionsResponseSchema() {\n return z.object({\n permissions: z.record(\n z.string(), // plugin name\n z.object({\n controllers: z.record(\n z.string(), // controller name\n z.record(\n z.string(), // action name\n z.object({\n enabled: z.boolean(),\n policy: z.string(),\n })\n )\n ),\n })\n ),\n });\n }\n\n get loginBodySchema() {\n return z.object({\n identifier: z.string(),\n password: z.string(),\n });\n }\n\n get registerBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n });\n }\n\n get forgotPasswordBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get resetPasswordBodySchema() {\n return z.object({\n code: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get changePasswordBodySchema() {\n return z.object({\n currentPassword: z.string(),\n password: z.string(),\n passwordConfirmation: z.string(),\n });\n }\n\n get sendEmailConfirmationBodySchema() {\n return z.object({\n email: z.email(),\n });\n }\n\n get createUserBodySchema() {\n return z.object({\n username: z.string(),\n email: z.email(),\n password: z.string(),\n role: z.number().optional(),\n });\n }\n\n get updateUserBodySchema() {\n return z.object({\n username: z.string().optional(),\n email: z.email().optional(),\n password: z.string().optional(),\n role: z.number().optional(),\n });\n }\n\n get createRoleBodySchema() {\n return z.object({\n name: z.string(),\n description: z.string().optional(),\n type: z.string(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get updateRoleBodySchema() {\n return z.object({\n name: z.string().optional(),\n description: z.string().optional(),\n type: z.string().optional(),\n permissions: z.record(z.string(), z.unknown()).optional(),\n });\n }\n\n get userIdParam() {\n return z.string();\n }\n\n get roleIdParam() {\n return z.string();\n }\n\n get providerParam() {\n return z.string();\n }\n}\n\nmodule.exports = {\n UsersPermissionsRouteValidator,\n};\n"],"names":["AbstractRouteValidator","require$$0","z","require$$1","UsersPermissionsRouteValidator","userSchema","object","id","number","documentId","string","username","email","provider","confirmed","boolean","blocked","role","union","name","description","nullable","type","createdAt","updatedAt","optional","publishedAt","roleSchema","nb_users","permissions","record","controllers","enabled","policy","users","array","unknown","permissionSchema","action","authResponseSchema","jwt","refreshToken","user","authResponseWithoutJwtSchema","authRegisterResponseSchema","forgotPasswordResponseSchema","ok","sendEmailConfirmationResponseSchema","sent","rolesResponseSchema","roles","roleResponseSchema","roleSuccessResponseSchema","permissionsResponseSchema","loginBodySchema","identifier","password","registerBodySchema","forgotPasswordBodySchema","resetPasswordBodySchema","code","passwordConfirmation","changePasswordBodySchema","currentPassword","sendEmailConfirmationBodySchema","createUserBodySchema","updateUserBodySchema","createRoleBodySchema","updateRoleBodySchema","userIdParam","roleIdParam","providerParam","strapi","_strapi","validation"],"mappings":";;;;;;;;IAEA,MAAM,EAAEA,sBAAsB,EAAE,GAAGC,UAAAA;AACnC,IAAA,MAAMC,CAAIC,GAAAA,YAAAA;AAEV,IAAA,MAAMC,8BAAuCJ,SAAAA,sBAAAA,CAAAA;AAM3C,QAAA,IAAIK,UAAa,GAAA;YACf,OAAOH,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBC,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfG,gBAAAA,QAAAA,EAAUX,EAAEQ,MAAM,EAAA;AAClBI,gBAAAA,SAAAA,EAAWZ,EAAEa,OAAO,EAAA;AACpBC,gBAAAA,OAAAA,EAASd,EAAEa,OAAO,EAAA;gBAClBE,IAAMf,EAAAA,CAAAA,CACHgB,KAAK,CAAC;AACLhB,oBAAAA,CAAAA,CAAEM,MAAM,EAAA;AACRN,oBAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPC,wBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,wBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;wBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,wBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,wBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,wBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AAC/B,qBAAA;AACS,iBAAA,CAAA,CACAe,QAAQ,EAAA;AACXF,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM;AAC3B,aAAA,CAAA;AACG;AAED,QAAA,IAAIiB,UAAa,GAAA;YACf,OAAOzB,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZC,gBAAAA,UAAAA,EAAYP,EAAEQ,MAAM,EAAA;AACpBS,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;AACda,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM,EAAA;AACnBgB,gBAAAA,WAAAA,EAAaxB,EAAEQ,MAAM,EAAA;gBACrBkB,QAAU1B,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ,EAAA;gBAC7BI,WAAa3B,EAAAA,CAAAA,CACV4B,MAAM,CACL5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAE4B,CAAAA,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAE4B,MAAM,CACN5B,CAAEQ,CAAAA,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAClC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA,CAAA,CAESe,QAAQ,EAAA;AACXS,gBAAAA,KAAAA,EAAOhC,EAAEiC,KAAK,CAACjC,CAAEkC,CAAAA,OAAO,IAAIX,QAAQ;AAC1C,aAAA,CAAA;AACG;AAED,QAAA,IAAIY,gBAAmB,GAAA;YACrB,OAAOnC,CAAAA,CAAEI,MAAM,CAAC;AACdC,gBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZ8B,gBAAAA,MAAAA,EAAQpC,EAAEQ,MAAM,EAAA;gBAChBO,IAAMf,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACbC,oBAAAA,EAAAA,EAAIL,EAAEM,MAAM,EAAA;AACZW,oBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;oBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAChCC,oBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM;AACtB,iBAAA,CAAA;AACMa,gBAAAA,SAAAA,EAAWrB,EAAEQ,MAAM,EAAA;AACnBc,gBAAAA,SAAAA,EAAWtB,EAAEQ,MAAM;AACzB,aAAA,CAAA;AACG;AAED,QAAA,IAAI6B,kBAAqB,GAAA;YACvB,OAAOrC,CAAAA,CAAEI,MAAM,CAAC;AACdkC,gBAAAA,GAAAA,EAAKtC,EAAEQ,MAAM,EAAA;gBACb+B,YAAcvC,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACjCiB,IAAM,EAAA,IAAI,CAACrC;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIsC,4BAA+B,GAAA;YACjC,OAAOzC,CAAAA,CAAEI,MAAM,CAAC;gBACdoC,IAAM,EAAA,IAAI,CAACrC;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIuC,0BAA6B,GAAA;YAC/B,OAAO1C,CAAAA,CAAEgB,KAAK,CAAC;AAAC,gBAAA,IAAI,CAACqB,kBAAkB;AAAE,gBAAA,IAAI,CAACI;AAA6B,aAAA,CAAA;AAC5E;AAED,QAAA,IAAIE,4BAA+B,GAAA;YACjC,OAAO3C,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACG;AAED,QAAA,IAAIgC,mCAAsC,GAAA;YACxC,OAAO7C,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEQ,MAAM,EAAA;AACfsC,gBAAAA,IAAAA,EAAM9C,EAAEa,OAAO;AACrB,aAAA,CAAA;AACG;AAED,QAAA,IAAIkC,mBAAsB,GAAA;YACxB,OAAO/C,CAAAA,CAAEI,MAAM,CAAC;AACd4C,gBAAAA,KAAAA,EAAOhD,CAAEiC,CAAAA,KAAK,CAAC,IAAI,CAACR,UAAU;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIwB,kBAAqB,GAAA;YACvB,OAAOjD,CAAAA,CAAEI,MAAM,CAAC;gBACdW,IAAM,EAAA,IAAI,CAACU;AACjB,aAAA,CAAA;AACG;AAED,QAAA,IAAIyB,yBAA4B,GAAA;YAC9B,OAAOlD,CAAAA,CAAEI,MAAM,CAAC;AACdwC,gBAAAA,EAAAA,EAAI5C,EAAEa,OAAO;AACnB,aAAA,CAAA;AACG;AAED,QAAA,IAAIsC,yBAA4B,GAAA;YAC9B,OAAOnD,CAAAA,CAAEI,MAAM,CAAC;gBACduB,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACPyB,oBAAAA,WAAAA,EAAa7B,CAAE4B,CAAAA,MAAM,CACnB5B,CAAAA,CAAEQ,MAAM,EACRR,EAAAA,CAAAA,CAAE4B,MAAM,CACN5B,CAAEQ,CAAAA,MAAM,EACRR,EAAAA,CAAAA,CAAEI,MAAM,CAAC;AACP0B,wBAAAA,OAAAA,EAAS9B,EAAEa,OAAO,EAAA;AAClBkB,wBAAAA,MAAAA,EAAQ/B,EAAEQ,MAAM;AAChC,qBAAA,CAAA,CAAA;AAGA,iBAAA,CAAA;AAEA,aAAA,CAAA;AACG;AAED,QAAA,IAAI4C,eAAkB,GAAA;YACpB,OAAOpD,CAAAA,CAAEI,MAAM,CAAC;AACdiD,gBAAAA,UAAAA,EAAYrD,EAAEQ,MAAM,EAAA;AACpB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACG;AAED,QAAA,IAAI+C,kBAAqB,GAAA;YACvB,OAAOvD,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM;AACxB,aAAA,CAAA;AACG;AAED,QAAA,IAAIgD,wBAA2B,GAAA;YAC7B,OAAOxD,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACG;AAED,QAAA,IAAI+C,uBAA0B,GAAA;YAC5B,OAAOzD,CAAAA,CAAEI,MAAM,CAAC;AACdsD,gBAAAA,IAAAA,EAAM1D,EAAEQ,MAAM,EAAA;AACd8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIoD,wBAA2B,GAAA;YAC7B,OAAO5D,CAAAA,CAAEI,MAAM,CAAC;AACdyD,gBAAAA,eAAAA,EAAiB7D,EAAEQ,MAAM,EAAA;AACzB8C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;AAClBmD,gBAAAA,oBAAAA,EAAsB3D,EAAEQ,MAAM;AACpC,aAAA,CAAA;AACG;AAED,QAAA,IAAIsD,+BAAkC,GAAA;YACpC,OAAO9D,CAAAA,CAAEI,MAAM,CAAC;AACdM,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK;AACpB,aAAA,CAAA;AACG;AAED,QAAA,IAAIqD,oBAAuB,GAAA;YACzB,OAAO/D,CAAAA,CAAEI,MAAM,CAAC;AACdK,gBAAAA,QAAAA,EAAUT,EAAEQ,MAAM,EAAA;AAClBE,gBAAAA,KAAAA,EAAOV,EAAEU,KAAK,EAAA;AACd4C,gBAAAA,QAAAA,EAAUtD,EAAEQ,MAAM,EAAA;gBAClBO,IAAMf,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACG;AAED,QAAA,IAAIyC,oBAAuB,GAAA;YACzB,OAAOhE,CAAAA,CAAEI,MAAM,CAAC;gBACdK,QAAUT,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7Bb,KAAOV,EAAAA,CAAAA,CAAEU,KAAK,EAAA,CAAGa,QAAQ,EAAA;gBACzB+B,QAAUtD,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAC7BR,IAAMf,EAAAA,CAAAA,CAAEM,MAAM,EAAA,CAAGiB,QAAQ;AAC/B,aAAA,CAAA;AACG;AAED,QAAA,IAAI0C,oBAAuB,GAAA;YACzB,OAAOjE,CAAAA,CAAEI,MAAM,CAAC;AACda,gBAAAA,IAAAA,EAAMjB,EAAEQ,MAAM,EAAA;gBACdU,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;AAChCH,gBAAAA,IAAAA,EAAMpB,EAAEQ,MAAM,EAAA;gBACdmB,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAIR,EAAAA,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACG;AAED,QAAA,IAAI2C,oBAAuB,GAAA;YACzB,OAAOlE,CAAAA,CAAEI,MAAM,CAAC;gBACda,IAAMjB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBL,WAAalB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBAChCH,IAAMpB,EAAAA,CAAAA,CAAEQ,MAAM,EAAA,CAAGe,QAAQ,EAAA;gBACzBI,WAAa3B,EAAAA,CAAAA,CAAE4B,MAAM,CAAC5B,CAAAA,CAAEQ,MAAM,EAAIR,EAAAA,CAAAA,CAAEkC,OAAO,EAAA,CAAA,CAAIX,QAAQ;AAC7D,aAAA,CAAA;AACG;AAED,QAAA,IAAI4C,WAAc,GAAA;AAChB,YAAA,OAAOnE,EAAEQ,MAAM,EAAA;AAChB;AAED,QAAA,IAAI4D,WAAc,GAAA;AAChB,YAAA,OAAOpE,EAAEQ,MAAM,EAAA;AAChB;AAED,QAAA,IAAI6D,aAAgB,GAAA;AAClB,YAAA,OAAOrE,EAAEQ,MAAM,EAAA;AAChB;AA9OD,QAAA,WAAA,CAAY8D,MAAM,CAAE;YAClB,KAAK,EAAA;YACL,IAAI,CAACC,OAAO,GAAGD,MAAAA;AAChB;AA4OH;IAEAE,UAAiB,GAAA;AACftE,QAAAA;AACF,KAAA;;;;;;"}
package/dist/server/services/constants.js ADDED
@@ -0,0 +1,19 @@
1
+ 'use strict';
2
+
3
+ var constants;
4
+ var hasRequiredConstants;
5
+ function requireConstants() {
6
+ if (hasRequiredConstants) return constants;
7
+ hasRequiredConstants = 1;
8
+ constants = {
9
+ DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60,
10
+ DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60,
11
+ DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60,
12
+ DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60,
13
+ DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60
14
+ };
15
+ return constants;
16
+ }
17
+
18
+ exports.__require = requireConstants;
19
+ //# sourceMappingURL=constants.js.map
package/dist/server/services/constants.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"constants.js","sources":["../../../server/services/constants.js"],"sourcesContent":["'use strict';\n\nmodule.exports = {\n DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60, // 10 minutes\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60, // 30 days\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60, // 14 days\n DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60, // 1 day\n DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60, // 2 hours\n};\n"],"names":["constants","DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN"],"mappings":";;;;;;;IAEAA,SAAiB,GAAA;AACfC,QAAAA,6BAAAA,EAA+B,EAAK,GAAA,EAAA;QACpCC,kCAAoC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACnDC,mCAAqC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACpDC,4BAA8B,EAAA,CAAA,GAAI,KAAK,EAAK,GAAA,EAAA;AAC5CC,QAAAA,6BAAAA,EAA+B,IAAI,EAAK,GAAA;AAC1C,KAAA;;;;;;"}
package/dist/server/services/constants.mjs ADDED
@@ -0,0 +1,17 @@
1
+ var constants;
2
+ var hasRequiredConstants;
3
+ function requireConstants() {
4
+ if (hasRequiredConstants) return constants;
5
+ hasRequiredConstants = 1;
6
+ constants = {
7
+ DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60,
8
+ DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60,
9
+ DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60,
10
+ DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60,
11
+ DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60
12
+ };
13
+ return constants;
14
+ }
15
+
16
+ export { requireConstants as __require };
17
+ //# sourceMappingURL=constants.mjs.map
package/dist/server/services/constants.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"constants.mjs","sources":["../../../server/services/constants.js"],"sourcesContent":["'use strict';\n\nmodule.exports = {\n DEFAULT_ACCESS_TOKEN_LIFESPAN: 10 * 60, // 10 minutes\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN: 30 * 24 * 60 * 60, // 30 days\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN: 14 * 24 * 60 * 60, // 14 days\n DEFAULT_MAX_SESSION_LIFESPAN: 1 * 24 * 60 * 60, // 1 day\n DEFAULT_IDLE_SESSION_LIFESPAN: 2 * 60 * 60, // 2 hours\n};\n"],"names":["constants","DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN"],"mappings":";;;;;IAEAA,SAAiB,GAAA;AACfC,QAAAA,6BAAAA,EAA+B,EAAK,GAAA,EAAA;QACpCC,kCAAoC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACnDC,mCAAqC,EAAA,EAAA,GAAK,KAAK,EAAK,GAAA,EAAA;QACpDC,4BAA8B,EAAA,CAAA,GAAI,KAAK,EAAK,GAAA,EAAA;AAC5CC,QAAAA,6BAAAA,EAA+B,IAAI,EAAK,GAAA;AAC1C,KAAA;;;;;;"}
package/dist/server/services/jwt.js CHANGED
@@ -29,12 +29,55 @@ function requireJwt() {
29
29
  return this.verify(token);
30
30
  },
31
31
  issue (payload, jwtOptions = {}) {
32
+ const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
33
+ if (mode === 'refresh') {
34
+ const userId = String(payload.id ?? payload.userId ?? '');
35
+ if (!userId) {
36
+ throw new Error('Cannot issue token: missing user id');
37
+ }
38
+ const issueRefreshToken = async ()=>{
39
+ const refresh = await strapi.sessionManager('users-permissions').generateRefreshToken(userId, undefined, {
40
+ type: 'refresh'
41
+ });
42
+ const access = await strapi.sessionManager('users-permissions').generateAccessToken(refresh.token);
43
+ if ('error' in access) {
44
+ throw new Error('Failed to generate access token');
45
+ }
46
+ return access.token;
47
+ };
48
+ return issueRefreshToken();
49
+ }
32
50
  _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
33
51
  return jwt.sign(_.clone(payload.toJSON ? payload.toJSON() : payload), strapi.config.get('plugin::users-permissions.jwtSecret'), jwtOptions);
34
52
  },
35
- verify (token) {
53
+ async verify (token) {
54
+ const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
55
+ if (mode === 'refresh') {
56
+ // Accept only access tokens minted by the SessionManager for UP
57
+ const result = strapi.sessionManager('users-permissions').validateAccessToken(token);
58
+ if (!result.isValid || result.payload.type !== 'access') {
59
+ throw new Error('Invalid token.');
60
+ }
61
+ const user = await strapi.db.query('plugin::users-permissions.user').findOne({
62
+ where: {
63
+ id: Number(result.payload.userId) || result.payload.userId
64
+ }
65
+ });
66
+ if (!user) {
67
+ throw new Error('Invalid token.');
68
+ }
69
+ return {
70
+ id: user.id
71
+ };
72
+ }
36
73
  return new Promise((resolve, reject)=>{
37
- jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {}, (err, tokenPayload = {})=>{
74
+ const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
75
+ const algorithms = jwtConfig && jwtConfig.algorithm ? [
76
+ jwtConfig.algorithm
77
+ ] : undefined;
78
+ jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
79
+ algorithms
80
+ } : {}, (err, tokenPayload = {})=>{
38
81
  if (err) {
39
82
  return reject(new Error('Invalid token.'));
40
83
  }
package/dist/server/services/jwt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n verify(token) {\n return new Promise((resolve, reject) => {\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","defaults","config","get","sign","clone","toJSON","Promise","resolve","reject","err","tokenPayload","Error"],"mappings":";;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5BnB,gBAAAA,CAAAA,CAAEoB,QAAQ,CAACD,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIqB,IAAI,CACbvB,EAAEwB,KAAK,CAACN,QAAQO,MAAM,GAAGP,OAAQO,CAAAA,MAAM,KAAKP,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAEDH,YAAAA,MAAAA,CAAAA,CAAOR,KAAK,EAAA;gBACV,OAAO,IAAIkB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B1B,oBAAAA,GAAAA,CAAIc,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB,EACA,EAAA,CAACO,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOD,MAAAA,CAAO,IAAIG,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDJ,OAAQG,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
1
+ {"version":3,"file":"jwt.js","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? { algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;AACtB,oBAAA,MAAMG,SAASC,MAAON,CAAAA,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAQ,EAAA;AACX,wBAAA,MAAM,IAAIG,KAAM,CAAA,qCAAA,CAAA;AACjB;AAED,oBAAA,MAAMC,iBAAoB,GAAA,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MACnBwB,CAAAA,cAAc,CAAC,mBACfC,CAAAA,CAAAA,oBAAoB,CAACP,MAAAA,EAAQQ,SAAW,EAAA;4BAAEC,IAAM,EAAA;AAAW,yBAAA,CAAA;wBAE9D,MAAMC,MAAAA,GAAS,MAAM5B,MAClBwB,CAAAA,cAAc,CAAC,mBACfK,CAAAA,CAAAA,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAQ,EAAA;AACrB,4BAAA,MAAM,IAAIP,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,qBAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACR;AAED3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAQoB,CAAAA,MAAM,KAAKpB,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAED,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAOwB,CAAAA,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAU,EAAA;AACvD,wBAAA,MAAM,IAAIN,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,MAAMgB,IAAAA,GAAO,MAAMrC,MAAOsC,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNC,CAAAA,CAAAA,OAAO,CAAC;wBAAEC,KAAO,EAAA;4BAAErB,EAAIsB,EAAAA,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAKgB,IAAAA,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAI,qBAAA,CAAA;AACpF,oBAAA,IAAI,CAACmB,IAAM,EAAA;AACT,wBAAA,MAAM,IAAIhB,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACnB;gBAED,OAAO,IAAIuB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAaD,GAAAA,SAAAA,IAAaA,SAAUE,CAAAA,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAIc,CAAAA,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAa,GAAA;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAC9B,EAAA,CAACE,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDuB,OAAQM,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
package/dist/server/services/jwt.mjs CHANGED
@@ -27,12 +27,55 @@ function requireJwt() {
27
27
  return this.verify(token);
28
28
  },
29
29
  issue (payload, jwtOptions = {}) {
30
+ const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
31
+ if (mode === 'refresh') {
32
+ const userId = String(payload.id ?? payload.userId ?? '');
33
+ if (!userId) {
34
+ throw new Error('Cannot issue token: missing user id');
35
+ }
36
+ const issueRefreshToken = async ()=>{
37
+ const refresh = await strapi.sessionManager('users-permissions').generateRefreshToken(userId, undefined, {
38
+ type: 'refresh'
39
+ });
40
+ const access = await strapi.sessionManager('users-permissions').generateAccessToken(refresh.token);
41
+ if ('error' in access) {
42
+ throw new Error('Failed to generate access token');
43
+ }
44
+ return access.token;
45
+ };
46
+ return issueRefreshToken();
47
+ }
30
48
  _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));
31
49
  return jwt.sign(_.clone(payload.toJSON ? payload.toJSON() : payload), strapi.config.get('plugin::users-permissions.jwtSecret'), jwtOptions);
32
50
  },
33
- verify (token) {
51
+ async verify (token) {
52
+ const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');
53
+ if (mode === 'refresh') {
54
+ // Accept only access tokens minted by the SessionManager for UP
55
+ const result = strapi.sessionManager('users-permissions').validateAccessToken(token);
56
+ if (!result.isValid || result.payload.type !== 'access') {
57
+ throw new Error('Invalid token.');
58
+ }
59
+ const user = await strapi.db.query('plugin::users-permissions.user').findOne({
60
+ where: {
61
+ id: Number(result.payload.userId) || result.payload.userId
62
+ }
63
+ });
64
+ if (!user) {
65
+ throw new Error('Invalid token.');
66
+ }
67
+ return {
68
+ id: user.id
69
+ };
70
+ }
34
71
  return new Promise((resolve, reject)=>{
35
- jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), {}, (err, tokenPayload = {})=>{
72
+ const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});
73
+ const algorithms = jwtConfig && jwtConfig.algorithm ? [
74
+ jwtConfig.algorithm
75
+ ] : undefined;
76
+ jwt.verify(token, strapi.config.get('plugin::users-permissions.jwtSecret'), algorithms ? {
77
+ algorithms
78
+ } : {}, (err, tokenPayload = {})=>{
36
79
  if (err) {
37
80
  return reject(new Error('Invalid token.'));
38
81
  }
package/dist/server/services/jwt.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n verify(token) {\n return new Promise((resolve, reject) => {\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","defaults","config","get","sign","clone","toJSON","Promise","resolve","reject","err","tokenPayload","Error"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5BnB,gBAAAA,CAAAA,CAAEoB,QAAQ,CAACD,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIqB,IAAI,CACbvB,EAAEwB,KAAK,CAACN,QAAQO,MAAM,GAAGP,OAAQO,CAAAA,MAAM,KAAKP,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAEDH,YAAAA,MAAAA,CAAAA,CAAOR,KAAK,EAAA;gBACV,OAAO,IAAIkB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B1B,oBAAAA,GAAAA,CAAIc,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB,EACA,EAAA,CAACO,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOD,MAAAA,CAAO,IAAIG,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDJ,OAAQG,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
1
+ {"version":3,"file":"jwt.mjs","sources":["../../../server/services/jwt.js"],"sourcesContent":["'use strict';\n\n/**\n * Jwt.js service\n *\n * @description: A set of functions similar to controller's actions to avoid code duplication.\n */\n\nconst _ = require('lodash');\nconst jwt = require('jsonwebtoken');\n\nmodule.exports = ({ strapi }) => ({\n getToken(ctx) {\n let token;\n\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' || parts.length !== 2) {\n return null;\n }\n\n token = parts[1];\n } else {\n return null;\n }\n\n return this.verify(token);\n },\n\n issue(payload, jwtOptions = {}) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n const userId = String(payload.id ?? payload.userId ?? '');\n if (!userId) {\n throw new Error('Cannot issue token: missing user id');\n }\n\n const issueRefreshToken = async () => {\n const refresh = await strapi\n .sessionManager('users-permissions')\n .generateRefreshToken(userId, undefined, { type: 'refresh' });\n\n const access = await strapi\n .sessionManager('users-permissions')\n .generateAccessToken(refresh.token);\n if ('error' in access) {\n throw new Error('Failed to generate access token');\n }\n\n return access.token;\n };\n\n return issueRefreshToken();\n }\n\n _.defaults(jwtOptions, strapi.config.get('plugin::users-permissions.jwt'));\n return jwt.sign(\n _.clone(payload.toJSON ? payload.toJSON() : payload),\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n jwtOptions\n );\n },\n\n async verify(token) {\n const mode = strapi.config.get('plugin::users-permissions.jwtManagement', 'legacy-support');\n\n if (mode === 'refresh') {\n // Accept only access tokens minted by the SessionManager for UP\n const result = strapi.sessionManager('users-permissions').validateAccessToken(token);\n if (!result.isValid || result.payload.type !== 'access') {\n throw new Error('Invalid token.');\n }\n\n const user = await strapi.db\n .query('plugin::users-permissions.user')\n .findOne({ where: { id: Number(result.payload.userId) || result.payload.userId } });\n if (!user) {\n throw new Error('Invalid token.');\n }\n\n return { id: user.id };\n }\n\n return new Promise((resolve, reject) => {\n const jwtConfig = strapi.config.get('plugin::users-permissions.jwt', {});\n const algorithms = jwtConfig && jwtConfig.algorithm ? [jwtConfig.algorithm] : undefined;\n\n jwt.verify(\n token,\n strapi.config.get('plugin::users-permissions.jwtSecret'),\n algorithms ? { algorithms } : {},\n (err, tokenPayload = {}) => {\n if (err) {\n return reject(new Error('Invalid token.'));\n }\n resolve(tokenPayload);\n }\n );\n });\n },\n});\n"],"names":["_","require$$0","jwt","require$$1","jwt_1","strapi","getToken","ctx","token","request","header","authorization","parts","split","toLowerCase","length","verify","issue","payload","jwtOptions","mode","config","get","userId","String","id","Error","issueRefreshToken","refresh","sessionManager","generateRefreshToken","undefined","type","access","generateAccessToken","defaults","sign","clone","toJSON","result","validateAccessToken","isValid","user","db","query","findOne","where","Number","Promise","resolve","reject","jwtConfig","algorithms","algorithm","err","tokenPayload"],"mappings":";;;;;;;;AAEA;;;;AAIA,KAEA,MAAMA,CAAIC,GAAAA,UAAAA;AACV,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AAEZC,IAAAA,KAAAA,GAAiB,CAAC,EAAEC,MAAM,EAAE,IAAM;AAChCC,YAAAA,QAAAA,CAAAA,CAASC,GAAG,EAAA;gBACV,IAAIC,KAAAA;AAEJ,gBAAA,IAAID,GAAIE,CAAAA,OAAO,IAAIF,GAAAA,CAAIE,OAAO,CAACC,MAAM,IAAIH,GAAAA,CAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,EAAE;oBACzE,MAAMC,KAAAA,GAAQL,IAAIE,OAAO,CAACC,MAAM,CAACC,aAAa,CAACE,KAAK,CAAC,KAAA,CAAA;oBAErD,IAAID,KAAK,CAAC,CAAA,CAAE,CAACE,WAAW,OAAO,QAAYF,IAAAA,KAAAA,CAAMG,MAAM,KAAK,CAAG,EAAA;wBAC7D,OAAO,IAAA;AACR;oBAEDP,KAAQI,GAAAA,KAAK,CAAC,CAAE,CAAA;iBACX,MAAA;oBACL,OAAO,IAAA;AACR;gBAED,OAAO,IAAI,CAACI,MAAM,CAACR,KAAAA,CAAAA;AACpB,aAAA;AAEDS,YAAAA,KAAAA,CAAAA,CAAMC,OAAO,EAAEC,UAAa,GAAA,EAAE,EAAA;AAC5B,gBAAA,MAAMC,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;AACtB,oBAAA,MAAMG,SAASC,MAAON,CAAAA,OAAAA,CAAQO,EAAE,IAAIP,OAAAA,CAAQK,MAAM,IAAI,EAAA,CAAA;AACtD,oBAAA,IAAI,CAACA,MAAQ,EAAA;AACX,wBAAA,MAAM,IAAIG,KAAM,CAAA,qCAAA,CAAA;AACjB;AAED,oBAAA,MAAMC,iBAAoB,GAAA,UAAA;wBACxB,MAAMC,OAAAA,GAAU,MAAMvB,MACnBwB,CAAAA,cAAc,CAAC,mBACfC,CAAAA,CAAAA,oBAAoB,CAACP,MAAAA,EAAQQ,SAAW,EAAA;4BAAEC,IAAM,EAAA;AAAW,yBAAA,CAAA;wBAE9D,MAAMC,MAAAA,GAAS,MAAM5B,MAClBwB,CAAAA,cAAc,CAAC,mBACfK,CAAAA,CAAAA,mBAAmB,CAACN,OAAAA,CAAQpB,KAAK,CAAA;AACpC,wBAAA,IAAI,WAAWyB,MAAQ,EAAA;AACrB,4BAAA,MAAM,IAAIP,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,wBAAA,OAAOO,OAAOzB,KAAK;AAC3B,qBAAA;oBAEM,OAAOmB,iBAAAA,EAAAA;AACR;AAED3B,gBAAAA,CAAAA,CAAEmC,QAAQ,CAAChB,UAAAA,EAAYd,OAAOgB,MAAM,CAACC,GAAG,CAAC,+BAAA,CAAA,CAAA;AACzC,gBAAA,OAAOpB,IAAIkC,IAAI,CACbpC,EAAEqC,KAAK,CAACnB,QAAQoB,MAAM,GAAGpB,OAAQoB,CAAAA,MAAM,KAAKpB,OAC5Cb,CAAAA,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAClBH,CAAAA,EAAAA,UAAAA,CAAAA;AAEH,aAAA;AAED,YAAA,MAAMH,QAAOR,KAAK,EAAA;AAChB,gBAAA,MAAMY,OAAOf,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,yCAA2C,EAAA,gBAAA,CAAA;AAE1E,gBAAA,IAAIF,SAAS,SAAW,EAAA;;AAEtB,oBAAA,MAAMmB,SAASlC,MAAOwB,CAAAA,cAAc,CAAC,mBAAA,CAAA,CAAqBW,mBAAmB,CAAChC,KAAAA,CAAAA;oBAC9E,IAAI,CAAC+B,OAAOE,OAAO,IAAIF,OAAOrB,OAAO,CAACc,IAAI,KAAK,QAAU,EAAA;AACvD,wBAAA,MAAM,IAAIN,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,MAAMgB,IAAAA,GAAO,MAAMrC,MAAOsC,CAAAA,EAAE,CACzBC,KAAK,CAAC,gCACNC,CAAAA,CAAAA,OAAO,CAAC;wBAAEC,KAAO,EAAA;4BAAErB,EAAIsB,EAAAA,MAAAA,CAAOR,OAAOrB,OAAO,CAACK,MAAM,CAAKgB,IAAAA,MAAAA,CAAOrB,OAAO,CAACK;AAAM;AAAI,qBAAA,CAAA;AACpF,oBAAA,IAAI,CAACmB,IAAM,EAAA;AACT,wBAAA,MAAM,IAAIhB,KAAM,CAAA,gBAAA,CAAA;AACjB;oBAED,OAAO;AAAED,wBAAAA,EAAAA,EAAIiB,KAAKjB;;AACnB;gBAED,OAAO,IAAIuB,OAAQ,CAAA,CAACC,OAASC,EAAAA,MAAAA,GAAAA;AAC3B,oBAAA,MAAMC,YAAY9C,MAAOgB,CAAAA,MAAM,CAACC,GAAG,CAAC,iCAAiC,EAAA,CAAA;AACrE,oBAAA,MAAM8B,UAAaD,GAAAA,SAAAA,IAAaA,SAAUE,CAAAA,SAAS,GAAG;AAACF,wBAAAA,SAAAA,CAAUE;qBAAU,GAAGtB,SAAAA;oBAE9E7B,GAAIc,CAAAA,MAAM,CACRR,KACAH,EAAAA,MAAAA,CAAOgB,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA,EAClB8B,UAAa,GAAA;AAAEA,wBAAAA;AAAU,qBAAA,GAAK,EAC9B,EAAA,CAACE,GAAKC,EAAAA,YAAAA,GAAe,EAAE,GAAA;AACrB,wBAAA,IAAID,GAAK,EAAA;4BACP,OAAOJ,MAAAA,CAAO,IAAIxB,KAAM,CAAA,gBAAA,CAAA,CAAA;AACzB;wBACDuB,OAAQM,CAAAA,YAAAA,CAAAA;AACT,qBAAA,CAAA;AAET,iBAAA,CAAA;AACG;SACH,CAAA;;;;;;"}
package/dist/server/services/providers-registry.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"providers-registry.js","sources":["../../../server/services/providers-registry.js"],"sourcesContent":["'use strict';\n\nconst { strict: assert } = require('assert');\nconst jwt = require('jsonwebtoken');\nconst urljoin = require('url-join');\nconst jwkToPem = require('jwk-to-pem');\n\nconst getCognitoPayload = async ({ idToken, jwksUrl, purest }) => {\n const {\n header: { kid },\n payload,\n } = jwt.decode(idToken, { complete: true });\n\n if (!payload || !kid) {\n throw new Error('The provided token is not valid');\n }\n\n const config = {\n cognito: {\n discovery: {\n origin: jwksUrl.origin,\n path: jwksUrl.pathname,\n },\n },\n };\n try {\n const cognito = purest({ provider: 'cognito', config });\n // get the JSON Web Key (JWK) for the user pool\n const { body: jwk } = await cognito('discovery').request();\n // Get the key with the same Key ID as the provided token\n const key = jwk.keys.find(({ kid: jwkKid }) => jwkKid === kid);\n const pem = jwkToPem(key);\n\n // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html\n const decodedToken = await new Promise((resolve, reject) => {\n jwt.verify(idToken, pem, { algorithms: ['RS256'] }, (err, decodedToken) => {\n if (err) {\n reject();\n }\n resolve(decodedToken);\n });\n });\n return decodedToken;\n } catch (err) {\n throw new Error('There was an error verifying the token');\n }\n};\n\nconst initProviders = ({ baseURL, purest }) => ({\n email: {\n enabled: true,\n icon: 'envelope',\n grantConfig: {},\n },\n discord: {\n enabled: false,\n icon: 'discord',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/discord/callback`,\n scope: ['identify', 'email'],\n },\n async authCallback({ accessToken }) {\n const discord = purest({ provider: 'discord' });\n\n return discord\n .get('users/@me')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // Combine username and discriminator (if discriminator exists and not equal to 0)\n const username =\n body.discriminator && body.discriminator !== '0'\n ? `${body.username}#${body.discriminator}`\n : body.username;\n return {\n username,\n email: body.email,\n };\n });\n },\n },\n facebook: {\n enabled: false,\n icon: 'facebook-square',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/facebook/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const facebook = purest({ provider: 'facebook' });\n\n return facebook\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'name,email' })\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: body.email,\n }));\n },\n },\n google: {\n enabled: false,\n icon: 'google',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/google/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const google = purest({ provider: 'google' });\n\n return google\n .query('oauth')\n .get('tokeninfo')\n .qs({ accessToken })\n .request()\n .then(({ body }) => ({\n username: body.email.split('@')[0],\n email: body.email,\n }));\n },\n },\n github: {\n enabled: false,\n icon: 'github',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/github/callback`,\n scope: ['user', 'user:email'],\n },\n async authCallback({ accessToken }) {\n const github = purest({\n provider: 'github',\n defaults: {\n headers: {\n 'user-agent': 'strapi',\n },\n },\n });\n\n const { body: userBody } = await github.get('user').auth(accessToken).request();\n\n // This is the public email on the github profile\n if (userBody.email) {\n return {\n username: userBody.login,\n email: userBody.email,\n };\n }\n // Get the email with Github's user/emails API\n const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();\n\n return {\n username: userBody.login,\n email: Array.isArray(emailBody)\n ? emailBody.find((email) => email.primary === true).email\n : null,\n };\n },\n },\n microsoft: {\n enabled: false,\n icon: 'windows',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/microsoft/callback`,\n scope: ['user.read'],\n },\n async authCallback({ accessToken }) {\n const microsoft = purest({ provider: 'microsoft' });\n\n return microsoft\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.userPrincipalName,\n email: body.userPrincipalName,\n }));\n },\n },\n\n twitter: {\n enabled: false,\n icon: 'twitter',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitter/callback`,\n },\n async authCallback({ accessToken, query, providers }) {\n const twitter = purest({\n provider: 'twitter',\n defaults: {\n oauth: {\n consumer_key: providers.twitter.key,\n consumer_secret: providers.twitter.secret,\n },\n },\n });\n\n return twitter\n .get('account/verify_credentials')\n .auth(accessToken, query.access_secret)\n .qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })\n .request()\n .then(({ body }) => ({\n username: body.screen_name,\n email: body.email,\n }));\n },\n },\n instagram: {\n enabled: false,\n icon: 'instagram',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/instagram/callback`,\n scope: ['user_profile'],\n },\n async authCallback({ accessToken }) {\n const instagram = purest({ provider: 'instagram' });\n\n return instagram\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'id,username' })\n .request()\n .then(({ body }) => ({\n username: body.username,\n email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email\n }));\n },\n },\n vk: {\n enabled: false,\n icon: 'vk',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/vk/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken, query }) {\n const vk = purest({ provider: 'vk' });\n\n return vk\n .get('users')\n .auth(accessToken)\n .qs({ id: query.raw.user_id, v: '5.122' })\n .request()\n .then(({ body }) => ({\n username: `${body.response[0].last_name} ${body.response[0].first_name}`,\n email: query.raw.email,\n }));\n },\n },\n\n twitch: {\n enabled: false,\n icon: 'twitch',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitch/callback`,\n scope: ['user:read:email'],\n },\n async authCallback({ accessToken, providers }) {\n const twitch = purest({\n provider: 'twitch',\n config: {\n twitch: {\n default: {\n origin: 'https://api.twitch.tv',\n path: 'helix/{path}',\n headers: {\n Authorization: 'Bearer {auth}',\n 'Client-Id': '{auth}',\n },\n },\n },\n },\n });\n\n return twitch\n .get('users')\n .auth(accessToken, providers.twitch.key)\n .request()\n .then(({ body }) => ({\n username: body.data[0].login,\n email: body.data[0].email,\n }));\n },\n },\n\n linkedin: {\n enabled: false,\n icon: 'linkedin',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/linkedin/callback`,\n scope: ['r_liteprofile', 'r_emailaddress'],\n },\n async authCallback({ accessToken }) {\n const linkedIn = purest({ provider: 'linkedin' });\n const {\n body: { localizedFirstName },\n } = await linkedIn.get('me').auth(accessToken).request();\n const {\n body: { elements },\n } = await linkedIn\n .get('emailAddress?q=members&projection=(elements*(handle~))')\n .auth(accessToken)\n .request();\n\n const email = elements[0]['handle~'];\n\n return {\n username: localizedFirstName,\n email: email.emailAddress,\n };\n },\n },\n\n cognito: {\n enabled: false,\n icon: 'aws',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my.subdomain.com',\n callback: `${baseURL}/cognito/callback`,\n scope: ['email', 'openid', 'profile'],\n },\n async authCallback({ query, providers }) {\n const jwksUrl = new URL(providers.cognito.jwksurl);\n const idToken = query.id_token;\n const tokenPayload = await getCognitoPayload({ idToken, jwksUrl, purest });\n return {\n username: tokenPayload['cognito:username'],\n email: tokenPayload.email,\n };\n },\n },\n\n reddit: {\n enabled: false,\n icon: 'reddit',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/reddit/callback`,\n scope: ['identity'],\n },\n async authCallback({ accessToken }) {\n const reddit = purest({\n provider: 'reddit',\n config: {\n reddit: {\n default: {\n origin: 'https://oauth.reddit.com',\n path: 'api/{version}/{path}',\n version: 'v1',\n headers: {\n Authorization: 'Bearer {auth}',\n 'user-agent': 'strapi',\n },\n },\n },\n },\n });\n\n return reddit\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email\n }));\n },\n },\n\n auth0: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my-tenant.eu',\n callback: `${baseURL}/auth0/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const auth0 = purest({ provider: 'auth0' });\n\n return auth0\n .get('userinfo')\n .subdomain(providers.auth0.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n const username = body.username || body.nickname || body.name || body.email.split('@')[0];\n const email = body.email || `${username.replace(/\\s+/g, '.')}@strapi.io`;\n\n return {\n username,\n email,\n };\n });\n },\n },\n\n cas: {\n enabled: false,\n icon: 'book',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/cas/callback`,\n scope: ['openid email'], // scopes should be space delimited\n subdomain: 'my.subdomain.com/cas',\n },\n async authCallback({ accessToken, providers }) {\n const cas = purest({ provider: 'cas' });\n\n return cas\n .get('oidc/profile')\n .subdomain(providers.cas.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // CAS attribute may be in body.attributes or \"FLAT\", depending on CAS config\n const username = body.attributes\n ? body.attributes.strapiusername || body.id || body.sub\n : body.strapiusername || body.id || body.sub;\n const email = body.attributes\n ? body.attributes.strapiemail || body.attributes.email\n : body.strapiemail || body.email;\n if (!username || !email) {\n strapi.log.warn(\n `CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`\n );\n }\n return {\n username,\n email,\n };\n });\n },\n },\n\n patreon: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/patreon/callback`,\n scope: ['identity', 'identity[email]'],\n },\n async authCallback({ accessToken }) {\n const patreon = purest({\n provider: 'patreon',\n config: {\n patreon: {\n default: {\n origin: 'https://www.patreon.com',\n path: 'api/oauth2/{path}',\n headers: {\n authorization: 'Bearer {auth}',\n },\n },\n },\n },\n });\n\n return patreon\n .get('v2/identity')\n .auth(accessToken)\n .qs(new URLSearchParams({ 'fields[user]': 'full_name,email' }).toString())\n .request()\n .then(({ body }) => {\n const patreonData = body.data.attributes;\n return {\n username: patreonData.full_name,\n email: patreonData.email,\n };\n });\n },\n },\n keycloak: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'myKeycloakProvider.com/realms/myrealm',\n callback: `${baseURL}/keycloak/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const keycloak = purest({ provider: 'keycloak' });\n\n return keycloak\n .subdomain(providers.keycloak.subdomain)\n .get('protocol/openid-connect/userinfo')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n return {\n username: body.preferred_username,\n email: body.email,\n };\n });\n },\n },\n});\n\nmodule.exports = () => {\n const purest = require('purest');\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');\n\n const authProviders = initProviders({ baseURL, purest });\n\n /**\n * @public\n */\n return {\n getAll() {\n return authProviders;\n },\n get(name) {\n return authProviders[name];\n },\n add(name, config) {\n authProviders[name] = config;\n },\n remove(name) {\n delete authProviders[name];\n },\n\n /**\n * @internal\n */\n async run({ provider, accessToken, query, providers }) {\n const authProvider = authProviders[provider];\n\n assert(authProvider, 'Unknown auth provider');\n\n return authProvider.authCallback({ accessToken, query, providers, purest });\n },\n };\n};\n"],"names":["strict","assert","require$$0","jwt","require$$1","urljoin","require$$2","jwkToPem","require$$3","getCognitoPayload","idToken","jwksUrl","purest","header","kid","payload","decode","complete","Error","config","cognito","discovery","origin","path","pathname","provider","body","jwk","request","key","keys","find","jwkKid","pem","decodedToken","Promise","resolve","reject","verify","algorithms","err","initProviders","baseURL","email","enabled","icon","grantConfig","discord","secret","callbackUrl","scope","authCallback","accessToken","get","auth","then","username","discriminator","facebook","qs","fields","name","google","query","split","github","defaults","headers","userBody","login","emailBody","Array","isArray","primary","microsoft","userPrincipalName","twitter","providers","oauth","consumer_key","consumer_secret","access_secret","screen_name","include_email","instagram","vk","id","raw","user_id","v","response","last_name","first_name","twitch","default","Authorization","data","linkedin","linkedIn","localizedFirstName","elements","emailAddress","subdomain","callback","URL","jwksurl","id_token","tokenPayload","reddit","version","auth0","nickname","replace","cas","attributes","strapiusername","sub","strapiemail","strapi","log","warn","JSON","stringify","patreon","authorization","URLSearchParams","toString","patreonData","full_name","keycloak","preferred_username","providersRegistry","require$$4","apiPrefix","server","url","authProviders","getAll","add","remove","run","authProvider"],"mappings":";;;;;;;;;;;;;AAEA,IAAA,MAAM,EAAEA,MAAAA,EAAQC,MAAM,EAAE,GAAGC,UAAAA;AAC3B,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AACZ,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;AAChB,IAAA,MAAMC,QAAWC,GAAAA,UAAAA;IAEjB,MAAMC,iBAAAA,GAAoB,OAAO,EAAEC,OAAO,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAA;AAC3D,QAAA,MAAM,EACJC,MAAAA,EAAQ,EAAEC,GAAG,EAAE,EACfC,OAAO,EACR,GAAGZ,GAAAA,CAAIa,MAAM,CAACN,OAAS,EAAA;YAAEO,QAAU,EAAA;AAAI,SAAA,CAAA;QAExC,IAAI,CAACF,OAAW,IAAA,CAACD,GAAK,EAAA;AACpB,YAAA,MAAM,IAAII,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,QAAA,MAAMC,MAAS,GAAA;YACbC,OAAS,EAAA;gBACPC,SAAW,EAAA;AACTC,oBAAAA,MAAAA,EAAQX,QAAQW,MAAM;AACtBC,oBAAAA,IAAAA,EAAMZ,QAAQa;AACf;AACF;AACL,SAAA;QACE,IAAI;AACF,YAAA,MAAMJ,UAAUR,MAAO,CAAA;gBAAEa,QAAU,EAAA,SAAA;AAAWN,gBAAAA;AAAM,aAAA,CAAA;;YAEpD,MAAM,EAAEO,MAAMC,GAAG,EAAE,GAAG,MAAMP,OAAAA,CAAQ,aAAaQ,OAAO,EAAA;;AAExD,YAAA,MAAMC,GAAMF,GAAAA,GAAAA,CAAIG,IAAI,CAACC,IAAI,CAAC,CAAC,EAAEjB,GAAKkB,EAAAA,MAAM,EAAE,GAAKA,MAAWlB,KAAAA,GAAAA,CAAAA;AAC1D,YAAA,MAAMmB,MAAM1B,QAASsB,CAAAA,GAAAA,CAAAA;;AAGrB,YAAA,MAAMK,YAAe,GAAA,MAAM,IAAIC,OAAAA,CAAQ,CAACC,OAASC,EAAAA,MAAAA,GAAAA;gBAC/ClC,GAAImC,CAAAA,MAAM,CAAC5B,OAAAA,EAASuB,GAAK,EAAA;oBAAEM,UAAY,EAAA;AAAC,wBAAA;AAAQ;AAAE,iBAAA,EAAE,CAACC,GAAKN,EAAAA,YAAAA,GAAAA;AACxD,oBAAA,IAAIM,GAAK,EAAA;AACPH,wBAAAA,MAAAA,EAAAA;AACD;oBACDD,OAAQF,CAAAA,YAAAA,CAAAA;AAChB,iBAAA,CAAA;AACA,aAAA,CAAA;YACI,OAAOA,YAAAA;AACR,SAAA,CAAC,OAAOM,GAAK,EAAA;AACZ,YAAA,MAAM,IAAItB,KAAM,CAAA,wCAAA,CAAA;AACjB;AACH,KAAA;IAEA,MAAMuB,aAAAA,GAAgB,CAAC,EAAEC,OAAO,EAAE9B,MAAM,EAAE,IAAM;YAC9C+B,KAAO,EAAA;gBACLC,OAAS,EAAA,IAAA;gBACTC,IAAM,EAAA,UAAA;AACNC,gBAAAA,WAAAA,EAAa;AACd,aAAA;YACDC,OAAS,EAAA;gBACPH,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,iBAAiB,CAAC;oBAC1CQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAQ;AAC7B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAML,UAAUnC,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAW,qBAAA,CAAA;AAE9C,oBAAA,OAAOsB,OACJM,CAAAA,GAAG,CAAC,WAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GACJ9B,KAAK+B,aAAa,IAAI/B,KAAK+B,aAAa,KAAK,MACzC,CAAC,EAAE/B,KAAK8B,QAAQ,CAAC,CAAC,EAAE9B,IAAAA,CAAK+B,aAAa,CAAC,CAAC,GACxC/B,IAAAA,CAAK8B,QAAQ;wBACnB,OAAO;AACLA,4BAAAA,QAAAA;AACAb,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDe,QAAU,EAAA;gBACRd,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,iBAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMM,WAAW9C,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOiC,QAAAA,CACJL,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDmB,MAAQ,EAAA;gBACNlB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMU,SAASlD,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAU,qBAAA,CAAA;oBAE5C,OAAOqC,MAAAA,CACJC,KAAK,CAAC,OAAA,CAAA,CACNV,GAAG,CAAC,WAAA,CAAA,CACJM,EAAE,CAAC;AAAEP,wBAAAA;qBACLxB,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AAClCrB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDsB,MAAQ,EAAA;gBACNrB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAa;AAC9B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMa,SAASrD,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVyC,QAAU,EAAA;4BACRC,OAAS,EAAA;gCACP,YAAc,EAAA;AACf;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,MAAM,EAAEzC,IAAAA,EAAM0C,QAAQ,EAAE,GAAG,MAAMH,MAAOZ,CAAAA,GAAG,CAAC,MAAA,CAAA,CAAQC,IAAI,CAACF,aAAaxB,OAAO,EAAA;;oBAG7E,IAAIwC,QAAAA,CAASzB,KAAK,EAAE;wBAClB,OAAO;AACLa,4BAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,4BAAAA,KAAAA,EAAOyB,SAASzB;AAC1B,yBAAA;AACO;;AAED,oBAAA,MAAM,EAAEjB,IAAAA,EAAM4C,SAAS,EAAE,GAAG,MAAML,MAAOZ,CAAAA,GAAG,CAAC,aAAA,CAAA,CAAeC,IAAI,CAACF,aAAaxB,OAAO,EAAA;oBAErF,OAAO;AACL4B,wBAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,wBAAAA,KAAAA,EAAO4B,KAAMC,CAAAA,OAAO,CAACF,SAAAA,CAAAA,GACjBA,UAAUvC,IAAI,CAAC,CAACY,KAAAA,GAAUA,KAAM8B,CAAAA,OAAO,KAAK,IAAA,CAAA,CAAM9B,KAAK,GACvD;AACZ,qBAAA;AACK;AACF,aAAA;YACD+B,SAAW,EAAA;gBACT9B,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAY;AACrB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMsB,YAAY9D,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;AAElD,oBAAA,OAAOiD,UACJrB,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiD,iBAAiB;AAChChC,4BAAAA,KAAAA,EAAOjB,KAAKiD;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YAEDC,OAAS,EAAA;gBACPhC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,iBAAiB;AAC1C,iBAAA;AACD,gBAAA,MAAMS,cAAa,EAAEC,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;AAClD,oBAAA,MAAMD,UAAUhE,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVyC,QAAU,EAAA;4BACRY,KAAO,EAAA;gCACLC,YAAcF,EAAAA,SAAAA,CAAUD,OAAO,CAAC/C,GAAG;gCACnCmD,eAAiBH,EAAAA,SAAAA,CAAUD,OAAO,CAAC5B;AACpC;AACF;AACT,qBAAA,CAAA;oBAEM,OAAO4B,OAAAA,CACJvB,GAAG,CAAC,4BACJC,CAAAA,CAAAA,IAAI,CAACF,WAAAA,EAAaW,KAAMkB,CAAAA,aAAa,CACrCtB,CAAAA,EAAE,CAAC;wBAAEuB,WAAanB,EAAAA,KAAK,CAAC,kBAAmB,CAAA;wBAAEoB,aAAe,EAAA;qBAC5DvD,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKwD,WAAW;AAC1BvC,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDyC,SAAW,EAAA;gBACTxC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,WAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAe;AACxB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMgC,YAAYxE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;oBAElD,OAAO2D,SAAAA,CACJ/B,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAK8B,QAAQ;AACvBb,4BAAAA,KAAAA,EAAO,CAAC,EAAEjB,IAAAA,CAAK8B,QAAQ,CAAC,UAAU;yBACnC,CAAA,CAAA;AACJ;AACF,aAAA;YACD6B,EAAI,EAAA;gBACFzC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,IAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,YAAY,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEW,KAAK,EAAE,EAAA;AACvC,oBAAA,MAAMsB,KAAKzE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAM,qBAAA,CAAA;oBAEpC,OAAO4D,EAAAA,CACJhC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAE2B,EAAIvB,EAAAA,KAAAA,CAAMwB,GAAG,CAACC,OAAO;wBAAEC,CAAG,EAAA;qBAC/B7D,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU,CAAC,EAAE9B,IAAAA,CAAKgE,QAAQ,CAAC,CAAA,CAAE,CAACC,SAAS,CAAC,CAAC,EAAEjE,KAAKgE,QAAQ,CAAC,EAAE,CAACE,UAAU,CAAC,CAAC;4BACxEjD,KAAOoB,EAAAA,KAAAA,CAAMwB,GAAG,CAAC5C;yBAClB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDkD,MAAQ,EAAA;gBACNjD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAkB;AAC3B,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMgB,SAASjF,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACN0E,MAAQ,EAAA;gCACNC,OAAS,EAAA;oCACPxE,MAAQ,EAAA,uBAAA;oCACRC,IAAM,EAAA,cAAA;oCACN4C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,WAAa,EAAA;AACd;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOF,MAAAA,CACJxC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,EAAayB,UAAUgB,MAAM,CAAChE,GAAG,CACtCD,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAAC3B,KAAK;AAC5B1B,4BAAAA,KAAAA,EAAOjB,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAACrD;yBACrB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDsD,QAAU,EAAA;gBACRrD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,UAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA,eAAA;AAAiB,wBAAA;AAAiB;AAC3C,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAM8C,WAAWtF,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;AAChD,oBAAA,MAAM,EACJC,IAAAA,EAAM,EAAEyE,kBAAkB,EAAE,EAC7B,GAAG,MAAMD,QAAAA,CAAS7C,GAAG,CAAC,IAAA,CAAA,CAAMC,IAAI,CAACF,aAAaxB,OAAO,EAAA;AACtD,oBAAA,MAAM,EACJF,IAAAA,EAAM,EAAE0E,QAAQ,EAAE,EACnB,GAAG,MAAMF,QAAAA,CACP7C,GAAG,CAAC,wDAAA,CAAA,CACJC,IAAI,CAACF,aACLxB,OAAO,EAAA;AAEV,oBAAA,MAAMe,KAAQyD,GAAAA,QAAQ,CAAC,CAAA,CAAE,CAAC,SAAU,CAAA;oBAEpC,OAAO;wBACL5C,QAAU2C,EAAAA,kBAAAA;AACVxD,wBAAAA,KAAAA,EAAOA,MAAM0D;AACrB,qBAAA;AACK;AACF,aAAA;YAEDjF,OAAS,EAAA;gBACPwB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,KAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,kBAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA,QAAA;AAAU,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEY,KAAK,EAAEc,SAAS,EAAE,EAAA;AACrC,oBAAA,MAAMlE,UAAU,IAAI6F,GAAAA,CAAI3B,SAAUzD,CAAAA,OAAO,CAACqF,OAAO,CAAA;oBACjD,MAAM/F,OAAAA,GAAUqD,MAAM2C,QAAQ;oBAC9B,MAAMC,YAAAA,GAAe,MAAMlG,iBAAkB,CAAA;AAAEC,wBAAAA,OAAAA;AAASC,wBAAAA,OAAAA;AAASC,wBAAAA;AAAM,qBAAA,CAAA;oBACvE,OAAO;wBACL4C,QAAUmD,EAAAA,YAAY,CAAC,kBAAmB,CAAA;AAC1ChE,wBAAAA,KAAAA,EAAOgE,aAAahE;AAC5B,qBAAA;AACK;AACF,aAAA;YAEDiE,MAAQ,EAAA;gBACNhE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,gBAAgB,CAAC;oBACtCQ,KAAO,EAAA;AAAC,wBAAA;AAAW;AACpB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMwD,SAAShG,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACNyF,MAAQ,EAAA;gCACNd,OAAS,EAAA;oCACPxE,MAAQ,EAAA,0BAAA;oCACRC,IAAM,EAAA,sBAAA;oCACNsF,OAAS,EAAA,IAAA;oCACT1C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,YAAc,EAAA;AACf;AACF;AACF;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,OAAOa,OACJvD,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAO,CAAC,EAAEjB,IAAAA,CAAKmC,IAAI,CAAC,UAAU;yBAC/B,CAAA,CAAA;AACJ;AACF,aAAA;YAEDiD,KAAO,EAAA;gBACLlE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,cAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,eAAe,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMiC,QAAQlG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAS,qBAAA,CAAA;oBAE1C,OAAOqF,KAAAA,CACJzD,GAAG,CAAC,UAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUiC,KAAK,CAACR,SAAS,EACnChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAM8B,WAAW9B,IAAK8B,CAAAA,QAAQ,IAAI9B,IAAAA,CAAKqF,QAAQ,IAAIrF,IAAAA,CAAKmC,IAAI,IAAInC,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AACxF,wBAAA,MAAMrB,KAAQjB,GAAAA,IAAAA,CAAKiB,KAAK,IAAI,CAAC,EAAEa,QAASwD,CAAAA,OAAO,CAAC,MAAA,EAAQ,GAAK,CAAA,CAAA,UAAU,CAAC;wBAExE,OAAO;AACLxD,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDsE,GAAK,EAAA;gBACHrE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,MAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,aAAa,CAAC;oBACnCQ,KAAO,EAAA;AAAC,wBAAA;AAAe,qBAAA;oBACvBoD,SAAW,EAAA;AACZ,iBAAA;AACD,gBAAA,MAAMnD,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoC,MAAMrG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAO,qBAAA,CAAA;oBAEtC,OAAOwF,GAAAA,CACJ5D,GAAG,CAAC,cAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUoC,GAAG,CAACX,SAAS,EACjChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GAAW9B,KAAKwF,UAAU,GAC5BxF,KAAKwF,UAAU,CAACC,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAK0F,CAAAA,GAAG,GACrD1F,IAAKyF,CAAAA,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAAA,CAAK0F,GAAG;AAC9C,wBAAA,MAAMzE,QAAQjB,IAAKwF,CAAAA,UAAU,GACzBxF,IAAKwF,CAAAA,UAAU,CAACG,WAAW,IAAI3F,IAAKwF,CAAAA,UAAU,CAACvE,KAAK,GACpDjB,KAAK2F,WAAW,IAAI3F,KAAKiB,KAAK;wBAClC,IAAI,CAACa,QAAY,IAAA,CAACb,KAAO,EAAA;4BACvB2E,MAAOC,CAAAA,GAAG,CAACC,IAAI,CACb,CAAC,uDAAuD,EAAEC,IAAKC,CAAAA,SAAS,CAAChG,IAAAA,CAAAA,CAAM,CAAC,CAAA;AAEnF;wBACD,OAAO;AACL8B,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDgF,OAAS,EAAA;gBACP/E,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAkB;AACvC,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMuE,UAAU/G,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVN,MAAQ,EAAA;4BACNwG,OAAS,EAAA;gCACP7B,OAAS,EAAA;oCACPxE,MAAQ,EAAA,yBAAA;oCACRC,IAAM,EAAA,mBAAA;oCACN4C,OAAS,EAAA;wCACPyD,aAAe,EAAA;AAChB;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOD,OAAAA,CACJtE,GAAG,CAAC,aACJC,CAAAA,CAAAA,IAAI,CAACF,WACLO,CAAAA,CAAAA,EAAE,CAAC,IAAIkE,eAAgB,CAAA;wBAAE,cAAgB,EAAA;qBAAqBC,CAAAA,CAAAA,QAAQ,IACtElG,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAMqG,WAAcrG,GAAAA,IAAAA,CAAKsE,IAAI,CAACkB,UAAU;wBACxC,OAAO;AACL1D,4BAAAA,QAAAA,EAAUuE,YAAYC,SAAS;AAC/BrF,4BAAAA,KAAAA,EAAOoF,YAAYpF;AAC/B,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDsF,QAAU,EAAA;gBACRrF,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,uCAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,kBAAkB,CAAC;oBACxCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoD,WAAWrH,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOwG,QAAAA,CACJ3B,SAAS,CAACzB,SAAAA,CAAUoD,QAAQ,CAAC3B,SAAS,EACtCjD,GAAG,CAAC,oCACJC,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;wBACb,OAAO;AACL8B,4BAAAA,QAAAA,EAAU9B,KAAKwG,kBAAkB;AACjCvF,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF;SACH,CAAA;IAEAwF,iBAAiB,GAAA,IAAA;AACf,QAAA,MAAMvH,MAASwH,GAAAA,UAAAA;AAEf,QAAA,MAAMC,SAAYf,GAAAA,MAAAA,CAAOnG,MAAM,CAACkC,GAAG,CAAC,iBAAA,CAAA;QACpC,MAAMX,OAAAA,GAAUrC,QAAQiH,MAAOnG,CAAAA,MAAM,CAACmH,MAAM,CAACC,GAAG,EAAEF,SAAW,EAAA,MAAA,CAAA;AAE7D,QAAA,MAAMG,gBAAgB/F,aAAc,CAAA;AAAEC,YAAAA,OAAAA;AAAS9B,YAAAA;AAAQ,SAAA,CAAA;AAEzD;;AAEA,OACE,OAAO;AACL6H,YAAAA,MAAAA,CAAAA,GAAAA;gBACE,OAAOD,aAAAA;AACR,aAAA;AACDnF,YAAAA,GAAAA,CAAAA,CAAIQ,IAAI,EAAA;gBACN,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;YACD6E,GAAI7E,CAAAA,CAAAA,IAAI,EAAE1C,MAAM,EAAA;gBACdqH,aAAa,CAAC3E,KAAK,GAAG1C,MAAAA;AACvB,aAAA;AACDwH,YAAAA,MAAAA,CAAAA,CAAO9E,IAAI,EAAA;gBACT,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;AAEL;;SAGI,MAAM+E,GAAI,CAAA,CAAA,EAAEnH,QAAQ,EAAE2B,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;gBACnD,MAAMgE,YAAAA,GAAeL,aAAa,CAAC/G,QAAS,CAAA;AAE5CxB,gBAAAA,MAAAA,CAAO4I,YAAc,EAAA,uBAAA,CAAA;gBAErB,OAAOA,YAAAA,CAAa1F,YAAY,CAAC;AAAEC,oBAAAA,WAAAA;AAAaW,oBAAAA,KAAAA;AAAOc,oBAAAA,SAAAA;AAAWjE,oBAAAA;AAAM,iBAAA,CAAA;AACzE;AACL,SAAA;AACA,KAAA;;;;;;"}
1
+ {"version":3,"file":"providers-registry.js","sources":["../../../server/services/providers-registry.js"],"sourcesContent":["'use strict';\n\nconst { strict: assert } = require('assert');\nconst jwt = require('jsonwebtoken');\nconst urljoin = require('url-join');\nconst jwkToPem = require('jwk-to-pem');\n\nconst getCognitoPayload = async ({ idToken, jwksUrl, purest }) => {\n const {\n header: { kid },\n payload,\n } = jwt.decode(idToken, { complete: true });\n\n if (!payload || !kid) {\n throw new Error('The provided token is not valid');\n }\n\n const config = {\n cognito: {\n discovery: {\n origin: jwksUrl.origin,\n path: jwksUrl.pathname,\n },\n },\n };\n try {\n const cognito = purest({ provider: 'cognito', config });\n // get the JSON Web Key (JWK) for the user pool\n const { body: jwk } = await cognito('discovery').request();\n // Get the key with the same Key ID as the provided token\n const key = jwk.keys.find(({ kid: jwkKid }) => jwkKid === kid);\n const pem = jwkToPem(key);\n\n // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html\n const decodedToken = await new Promise((resolve, reject) => {\n jwt.verify(idToken, pem, { algorithms: ['RS256'] }, (err, decodedToken) => {\n if (err) {\n reject();\n }\n resolve(decodedToken);\n });\n });\n return decodedToken;\n } catch (err) {\n throw new Error('There was an error verifying the token');\n }\n};\n\nconst initProviders = ({ baseURL, purest }) => ({\n email: {\n enabled: true,\n icon: 'envelope',\n grantConfig: {},\n },\n discord: {\n enabled: false,\n icon: 'discord',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/discord/callback`,\n scope: ['identify', 'email'],\n },\n async authCallback({ accessToken }) {\n const discord = purest({ provider: 'discord' });\n\n return discord\n .get('users/@me')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // Combine username and discriminator (if discriminator exists and not equal to 0)\n const username =\n body.discriminator && body.discriminator !== '0'\n ? `${body.username}#${body.discriminator}`\n : body.username;\n return {\n username,\n email: body.email,\n };\n });\n },\n },\n facebook: {\n enabled: false,\n icon: 'facebook-square',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/facebook/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const facebook = purest({ provider: 'facebook' });\n\n return facebook\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'name,email' })\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: body.email,\n }));\n },\n },\n google: {\n enabled: false,\n icon: 'google',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/google/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const google = purest({ provider: 'google' });\n\n return google\n .query('oauth')\n .get('tokeninfo')\n .qs({ accessToken })\n .request()\n .then(({ body }) => ({\n username: body.email.split('@')[0],\n email: body.email,\n }));\n },\n },\n github: {\n enabled: false,\n icon: 'github',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/github/callback`,\n scope: ['user', 'user:email'],\n },\n async authCallback({ accessToken }) {\n const github = purest({\n provider: 'github',\n defaults: {\n headers: {\n 'user-agent': 'strapi',\n },\n },\n });\n\n const { body: userBody } = await github.get('user').auth(accessToken).request();\n\n // This is the public email on the github profile\n if (userBody.email) {\n return {\n username: userBody.login,\n email: userBody.email,\n };\n }\n // Get the email with Github's user/emails API\n const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();\n\n return {\n username: userBody.login,\n email: Array.isArray(emailBody)\n ? emailBody.find((email) => email.primary === true).email\n : null,\n };\n },\n },\n microsoft: {\n enabled: false,\n icon: 'windows',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/microsoft/callback`,\n scope: ['user.read'],\n },\n async authCallback({ accessToken }) {\n const microsoft = purest({ provider: 'microsoft' });\n\n return microsoft\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.userPrincipalName,\n email: body.userPrincipalName,\n }));\n },\n },\n\n twitter: {\n enabled: false,\n icon: 'twitter',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitter/callback`,\n },\n async authCallback({ accessToken, query, providers }) {\n const twitter = purest({\n provider: 'twitter',\n defaults: {\n oauth: {\n consumer_key: providers.twitter.key,\n consumer_secret: providers.twitter.secret,\n },\n },\n });\n\n return twitter\n .get('account/verify_credentials')\n .auth(accessToken, query.access_secret)\n .qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })\n .request()\n .then(({ body }) => ({\n username: body.screen_name,\n email: body.email,\n }));\n },\n },\n instagram: {\n enabled: false,\n icon: 'instagram',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/instagram/callback`,\n scope: ['user_profile'],\n },\n async authCallback({ accessToken }) {\n const instagram = purest({ provider: 'instagram' });\n\n return instagram\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'id,username' })\n .request()\n .then(({ body }) => ({\n username: body.username,\n email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email\n }));\n },\n },\n vk: {\n enabled: false,\n icon: 'vk',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/vk/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken, query }) {\n const vk = purest({ provider: 'vk' });\n\n return vk\n .get('users')\n .auth(accessToken)\n .qs({ id: query.raw.user_id, v: '5.122' })\n .request()\n .then(({ body }) => ({\n username: `${body.response[0].last_name} ${body.response[0].first_name}`,\n email: query.raw.email,\n }));\n },\n },\n\n twitch: {\n enabled: false,\n icon: 'twitch',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitch/callback`,\n scope: ['user:read:email'],\n },\n async authCallback({ accessToken, providers }) {\n const twitch = purest({\n provider: 'twitch',\n config: {\n twitch: {\n default: {\n origin: 'https://api.twitch.tv',\n path: 'helix/{path}',\n headers: {\n Authorization: 'Bearer {auth}',\n 'Client-Id': '{auth}',\n },\n },\n },\n },\n });\n\n return twitch\n .get('users')\n .auth(accessToken, providers.twitch.key)\n .request()\n .then(({ body }) => ({\n username: body.data[0].login,\n email: body.data[0].email,\n }));\n },\n },\n\n linkedin: {\n enabled: false,\n icon: 'linkedin',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/linkedin/callback`,\n scope: ['r_liteprofile', 'r_emailaddress'],\n },\n async authCallback({ accessToken }) {\n const linkedIn = purest({ provider: 'linkedin' });\n const {\n body: { localizedFirstName },\n } = await linkedIn.get('me').auth(accessToken).request();\n const {\n body: { elements },\n } = await linkedIn\n .get('emailAddress?q=members&projection=(elements*(handle~))')\n .auth(accessToken)\n .request();\n\n const email = elements[0]['handle~'];\n\n return {\n username: localizedFirstName,\n email: email.emailAddress,\n };\n },\n },\n\n cognito: {\n enabled: false,\n icon: 'aws',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my.subdomain.com',\n callback: `${baseURL}/cognito/callback`,\n scope: ['email', 'openid', 'profile'],\n },\n async authCallback({ query, providers }) {\n const jwksUrl = new URL(providers.cognito.jwksurl);\n const idToken = query.id_token;\n const tokenPayload = await getCognitoPayload({ idToken, jwksUrl, purest });\n return {\n username: tokenPayload['cognito:username'],\n email: tokenPayload.email,\n };\n },\n },\n\n reddit: {\n enabled: false,\n icon: 'reddit',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/reddit/callback`,\n scope: ['identity'],\n },\n async authCallback({ accessToken }) {\n const reddit = purest({\n provider: 'reddit',\n config: {\n reddit: {\n default: {\n origin: 'https://oauth.reddit.com',\n path: 'api/{version}/{path}',\n version: 'v1',\n headers: {\n Authorization: 'Bearer {auth}',\n 'user-agent': 'strapi',\n },\n },\n },\n },\n });\n\n return reddit\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email\n }));\n },\n },\n\n auth0: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my-tenant.eu',\n callback: `${baseURL}/auth0/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const auth0 = purest({ provider: 'auth0' });\n\n return auth0\n .get('userinfo')\n .subdomain(providers.auth0.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n const username = body.username || body.nickname || body.name || body.email.split('@')[0];\n const email = body.email || `${username.replace(/\\s+/g, '.')}@strapi.io`;\n\n return {\n username,\n email,\n };\n });\n },\n },\n\n cas: {\n enabled: false,\n icon: 'book',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/cas/callback`,\n scope: ['openid email'], // scopes should be space delimited\n subdomain: 'my.subdomain.com/cas',\n },\n async authCallback({ accessToken, providers }) {\n const cas = purest({ provider: 'cas' });\n\n return cas\n .get('oidc/profile')\n .subdomain(providers.cas.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // CAS attribute may be in body.attributes or \"FLAT\", depending on CAS config\n const username = body.attributes\n ? body.attributes.strapiusername || body.id || body.sub\n : body.strapiusername || body.id || body.sub;\n const email = body.attributes\n ? body.attributes.strapiemail || body.attributes.email\n : body.strapiemail || body.email;\n if (!username || !email) {\n strapi.log.warn(\n `CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`\n );\n }\n return {\n username,\n email,\n };\n });\n },\n },\n\n patreon: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/patreon/callback`,\n scope: ['identity', 'identity[email]'],\n },\n async authCallback({ accessToken }) {\n const patreon = purest({\n provider: 'patreon',\n config: {\n patreon: {\n default: {\n origin: 'https://www.patreon.com',\n path: 'api/oauth2/{path}',\n headers: {\n authorization: 'Bearer {auth}',\n },\n },\n },\n },\n });\n\n return patreon\n .get('v2/identity')\n .auth(accessToken)\n .qs(new URLSearchParams({ 'fields[user]': 'full_name,email' }).toString())\n .request()\n .then(({ body }) => {\n const patreonData = body.data.attributes;\n return {\n username: patreonData.full_name,\n email: patreonData.email,\n };\n });\n },\n },\n keycloak: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'myKeycloakProvider.com/realms/myrealm',\n callback: `${baseURL}/keycloak/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const keycloak = purest({ provider: 'keycloak' });\n\n return keycloak\n .subdomain(providers.keycloak.subdomain)\n .get('protocol/openid-connect/userinfo')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n return {\n username: body.preferred_username,\n email: body.email,\n };\n });\n },\n },\n});\n\nmodule.exports = () => {\n const purest = require('purest');\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');\n\n const authProviders = initProviders({ baseURL, purest });\n\n /**\n * @public\n */\n return {\n getAll() {\n return authProviders;\n },\n get(name) {\n return authProviders[name];\n },\n add(name, config) {\n authProviders[name] = config;\n },\n remove(name) {\n delete authProviders[name];\n },\n\n /**\n * @internal\n */\n async run({ provider, accessToken, query, providers }) {\n const authProvider = authProviders[provider];\n\n assert(authProvider, 'Unknown auth provider');\n\n return authProvider.authCallback({ accessToken, query, providers, purest });\n },\n };\n};\n"],"names":["strict","assert","require$$0","jwt","require$$1","urljoin","require$$2","jwkToPem","require$$3","getCognitoPayload","idToken","jwksUrl","purest","header","kid","payload","decode","complete","Error","config","cognito","discovery","origin","path","pathname","provider","body","jwk","request","key","keys","find","jwkKid","pem","decodedToken","Promise","resolve","reject","verify","algorithms","err","initProviders","baseURL","email","enabled","icon","grantConfig","discord","secret","callbackUrl","scope","authCallback","accessToken","get","auth","then","username","discriminator","facebook","qs","fields","name","google","query","split","github","defaults","headers","userBody","login","emailBody","Array","isArray","primary","microsoft","userPrincipalName","twitter","providers","oauth","consumer_key","consumer_secret","access_secret","screen_name","include_email","instagram","vk","id","raw","user_id","v","response","last_name","first_name","twitch","default","Authorization","data","linkedin","linkedIn","localizedFirstName","elements","emailAddress","subdomain","callback","URL","jwksurl","id_token","tokenPayload","reddit","version","auth0","nickname","replace","cas","attributes","strapiusername","sub","strapiemail","strapi","log","warn","JSON","stringify","patreon","authorization","URLSearchParams","toString","patreonData","full_name","keycloak","preferred_username","providersRegistry","require$$4","apiPrefix","server","url","authProviders","getAll","add","remove","run","authProvider"],"mappings":";;;;;;;;;;;;;AAEA,IAAA,MAAM,EAAEA,MAAAA,EAAQC,MAAM,EAAE,GAAGC,UAAAA;AAC3B,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AACZ,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;AAChB,IAAA,MAAMC,QAAWC,GAAAA,UAAAA;IAEjB,MAAMC,iBAAAA,GAAoB,OAAO,EAAEC,OAAO,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAA;AAC3D,QAAA,MAAM,EACJC,MAAAA,EAAQ,EAAEC,GAAG,EAAE,EACfC,OAAO,EACR,GAAGZ,GAAAA,CAAIa,MAAM,CAACN,OAAS,EAAA;YAAEO,QAAU,EAAA;AAAI,SAAA,CAAA;QAExC,IAAI,CAACF,OAAW,IAAA,CAACD,GAAK,EAAA;AACpB,YAAA,MAAM,IAAII,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,QAAA,MAAMC,MAAS,GAAA;YACbC,OAAS,EAAA;gBACPC,SAAW,EAAA;AACTC,oBAAAA,MAAAA,EAAQX,QAAQW,MAAM;AACtBC,oBAAAA,IAAAA,EAAMZ,QAAQa;AACf;AACF;AACL,SAAA;QACE,IAAI;AACF,YAAA,MAAMJ,UAAUR,MAAO,CAAA;gBAAEa,QAAU,EAAA,SAAA;AAAWN,gBAAAA;AAAM,aAAA,CAAA;;YAEpD,MAAM,EAAEO,MAAMC,GAAG,EAAE,GAAG,MAAMP,OAAAA,CAAQ,aAAaQ,OAAO,EAAA;;AAExD,YAAA,MAAMC,GAAMF,GAAAA,GAAAA,CAAIG,IAAI,CAACC,IAAI,CAAC,CAAC,EAAEjB,GAAKkB,EAAAA,MAAM,EAAE,GAAKA,MAAWlB,KAAAA,GAAAA,CAAAA;AAC1D,YAAA,MAAMmB,MAAM1B,QAASsB,CAAAA,GAAAA,CAAAA;;AAGrB,YAAA,MAAMK,YAAe,GAAA,MAAM,IAAIC,OAAAA,CAAQ,CAACC,OAASC,EAAAA,MAAAA,GAAAA;gBAC/ClC,GAAImC,CAAAA,MAAM,CAAC5B,OAAAA,EAASuB,GAAK,EAAA;oBAAEM,UAAY,EAAA;AAAC,wBAAA;AAAQ;AAAE,iBAAA,EAAE,CAACC,GAAKN,EAAAA,YAAAA,GAAAA;AACxD,oBAAA,IAAIM,GAAK,EAAA;AACPH,wBAAAA,MAAAA,EAAAA;AACD;oBACDD,OAAQF,CAAAA,YAAAA,CAAAA;AAChB,iBAAA,CAAA;AACA,aAAA,CAAA;YACI,OAAOA,YAAAA;AACR,SAAA,CAAC,OAAOM,GAAK,EAAA;AACZ,YAAA,MAAM,IAAItB,KAAM,CAAA,wCAAA,CAAA;AACjB;AACH,KAAA;IAEA,MAAMuB,aAAAA,GAAgB,CAAC,EAAEC,OAAO,EAAE9B,MAAM,EAAE,IAAM;YAC9C+B,KAAO,EAAA;gBACLC,OAAS,EAAA,IAAA;gBACTC,IAAM,EAAA,UAAA;AACNC,gBAAAA,WAAAA,EAAa;AACd,aAAA;YACDC,OAAS,EAAA;gBACPH,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,iBAAiB,CAAC;oBAC1CQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAQ;AAC7B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAML,UAAUnC,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAW,qBAAA,CAAA;AAE9C,oBAAA,OAAOsB,OACJM,CAAAA,GAAG,CAAC,WAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;AAEb,wBAAA,MAAM8B,WACJ9B,IAAK+B,CAAAA,aAAa,IAAI/B,IAAK+B,CAAAA,aAAa,KAAK,GACzC,GAAA,CAAA,EAAG/B,KAAK8B,QAAQ,CAAC,CAAC,EAAE9B,IAAAA,CAAK+B,aAAa,CAAE,CAAA,GACxC/B,KAAK8B,QAAQ;wBACnB,OAAO;AACLA,4BAAAA,QAAAA;AACAb,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDe,QAAU,EAAA;gBACRd,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,iBAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMM,WAAW9C,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOiC,QAAAA,CACJL,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDmB,MAAQ,EAAA;gBACNlB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMU,SAASlD,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAU,qBAAA,CAAA;oBAE5C,OAAOqC,MAAAA,CACJC,KAAK,CAAC,OAAA,CAAA,CACNV,GAAG,CAAC,WAAA,CAAA,CACJM,EAAE,CAAC;AAAEP,wBAAAA;qBACLxB,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AAClCrB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDsB,MAAQ,EAAA;gBACNrB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAa;AAC9B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMa,SAASrD,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVyC,QAAU,EAAA;4BACRC,OAAS,EAAA;gCACP,YAAc,EAAA;AACf;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,MAAM,EAAEzC,IAAAA,EAAM0C,QAAQ,EAAE,GAAG,MAAMH,MAAOZ,CAAAA,GAAG,CAAC,MAAA,CAAA,CAAQC,IAAI,CAACF,aAAaxB,OAAO,EAAA;;oBAG7E,IAAIwC,QAAAA,CAASzB,KAAK,EAAE;wBAClB,OAAO;AACLa,4BAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,4BAAAA,KAAAA,EAAOyB,SAASzB;AAC1B,yBAAA;AACO;;AAED,oBAAA,MAAM,EAAEjB,IAAAA,EAAM4C,SAAS,EAAE,GAAG,MAAML,MAAOZ,CAAAA,GAAG,CAAC,aAAA,CAAA,CAAeC,IAAI,CAACF,aAAaxB,OAAO,EAAA;oBAErF,OAAO;AACL4B,wBAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,wBAAAA,KAAAA,EAAO4B,KAAMC,CAAAA,OAAO,CAACF,SAAAA,CAAAA,GACjBA,UAAUvC,IAAI,CAAC,CAACY,KAAAA,GAAUA,KAAM8B,CAAAA,OAAO,KAAK,IAAA,CAAA,CAAM9B,KAAK,GACvD;AACZ,qBAAA;AACK;AACF,aAAA;YACD+B,SAAW,EAAA;gBACT9B,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAY;AACrB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMsB,YAAY9D,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;AAElD,oBAAA,OAAOiD,UACJrB,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiD,iBAAiB;AAChChC,4BAAAA,KAAAA,EAAOjB,KAAKiD;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YAEDC,OAAS,EAAA;gBACPhC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,iBAAiB;AAC1C,iBAAA;AACD,gBAAA,MAAMS,cAAa,EAAEC,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;AAClD,oBAAA,MAAMD,UAAUhE,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVyC,QAAU,EAAA;4BACRY,KAAO,EAAA;gCACLC,YAAcF,EAAAA,SAAAA,CAAUD,OAAO,CAAC/C,GAAG;gCACnCmD,eAAiBH,EAAAA,SAAAA,CAAUD,OAAO,CAAC5B;AACpC;AACF;AACT,qBAAA,CAAA;oBAEM,OAAO4B,OAAAA,CACJvB,GAAG,CAAC,4BACJC,CAAAA,CAAAA,IAAI,CAACF,WAAAA,EAAaW,KAAMkB,CAAAA,aAAa,CACrCtB,CAAAA,EAAE,CAAC;wBAAEuB,WAAanB,EAAAA,KAAK,CAAC,kBAAmB,CAAA;wBAAEoB,aAAe,EAAA;qBAC5DvD,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKwD,WAAW;AAC1BvC,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDyC,SAAW,EAAA;gBACTxC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,WAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAe;AACxB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMgC,YAAYxE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;oBAElD,OAAO2D,SAAAA,CACJ/B,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAK8B,QAAQ;AACvBb,4BAAAA,KAAAA,EAAO,CAAGjB,EAAAA,IAAAA,CAAK8B,QAAQ,CAAC,UAAU;yBACnC,CAAA,CAAA;AACJ;AACF,aAAA;YACD6B,EAAI,EAAA;gBACFzC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,IAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,YAAY,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEW,KAAK,EAAE,EAAA;AACvC,oBAAA,MAAMsB,KAAKzE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAM,qBAAA,CAAA;oBAEpC,OAAO4D,EAAAA,CACJhC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAE2B,EAAIvB,EAAAA,KAAAA,CAAMwB,GAAG,CAACC,OAAO;wBAAEC,CAAG,EAAA;qBAC/B7D,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU,GAAG9B,IAAKgE,CAAAA,QAAQ,CAAC,CAAA,CAAE,CAACC,SAAS,CAAC,CAAC,EAAEjE,KAAKgE,QAAQ,CAAC,CAAE,CAAA,CAACE,UAAU,CAAE,CAAA;4BACxEjD,KAAOoB,EAAAA,KAAAA,CAAMwB,GAAG,CAAC5C;yBAClB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDkD,MAAQ,EAAA;gBACNjD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAkB;AAC3B,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMgB,SAASjF,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACN0E,MAAQ,EAAA;gCACNC,OAAS,EAAA;oCACPxE,MAAQ,EAAA,uBAAA;oCACRC,IAAM,EAAA,cAAA;oCACN4C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,WAAa,EAAA;AACd;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOF,MAAAA,CACJxC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,EAAayB,UAAUgB,MAAM,CAAChE,GAAG,CACtCD,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAAC3B,KAAK;AAC5B1B,4BAAAA,KAAAA,EAAOjB,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAACrD;yBACrB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDsD,QAAU,EAAA;gBACRrD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,UAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA,eAAA;AAAiB,wBAAA;AAAiB;AAC3C,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAM8C,WAAWtF,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;AAChD,oBAAA,MAAM,EACJC,IAAAA,EAAM,EAAEyE,kBAAkB,EAAE,EAC7B,GAAG,MAAMD,QAAAA,CAAS7C,GAAG,CAAC,IAAA,CAAA,CAAMC,IAAI,CAACF,aAAaxB,OAAO,EAAA;AACtD,oBAAA,MAAM,EACJF,IAAAA,EAAM,EAAE0E,QAAQ,EAAE,EACnB,GAAG,MAAMF,QAAAA,CACP7C,GAAG,CAAC,wDAAA,CAAA,CACJC,IAAI,CAACF,aACLxB,OAAO,EAAA;AAEV,oBAAA,MAAMe,KAAQyD,GAAAA,QAAQ,CAAC,CAAA,CAAE,CAAC,SAAU,CAAA;oBAEpC,OAAO;wBACL5C,QAAU2C,EAAAA,kBAAAA;AACVxD,wBAAAA,KAAAA,EAAOA,MAAM0D;AACrB,qBAAA;AACK;AACF,aAAA;YAEDjF,OAAS,EAAA;gBACPwB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,KAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,kBAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA,QAAA;AAAU,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEY,KAAK,EAAEc,SAAS,EAAE,EAAA;AACrC,oBAAA,MAAMlE,UAAU,IAAI6F,GAAAA,CAAI3B,SAAUzD,CAAAA,OAAO,CAACqF,OAAO,CAAA;oBACjD,MAAM/F,OAAAA,GAAUqD,MAAM2C,QAAQ;oBAC9B,MAAMC,YAAAA,GAAe,MAAMlG,iBAAkB,CAAA;AAAEC,wBAAAA,OAAAA;AAASC,wBAAAA,OAAAA;AAASC,wBAAAA;AAAM,qBAAA,CAAA;oBACvE,OAAO;wBACL4C,QAAUmD,EAAAA,YAAY,CAAC,kBAAmB,CAAA;AAC1ChE,wBAAAA,KAAAA,EAAOgE,aAAahE;AAC5B,qBAAA;AACK;AACF,aAAA;YAEDiE,MAAQ,EAAA;gBACNhE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,gBAAgB,CAAC;oBACtCQ,KAAO,EAAA;AAAC,wBAAA;AAAW;AACpB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMwD,SAAShG,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACNyF,MAAQ,EAAA;gCACNd,OAAS,EAAA;oCACPxE,MAAQ,EAAA,0BAAA;oCACRC,IAAM,EAAA,sBAAA;oCACNsF,OAAS,EAAA,IAAA;oCACT1C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,YAAc,EAAA;AACf;AACF;AACF;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,OAAOa,OACJvD,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAO,CAAGjB,EAAAA,IAAAA,CAAKmC,IAAI,CAAC,UAAU;yBAC/B,CAAA,CAAA;AACJ;AACF,aAAA;YAEDiD,KAAO,EAAA;gBACLlE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,cAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,eAAe,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMiC,QAAQlG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAS,qBAAA,CAAA;oBAE1C,OAAOqF,KAAAA,CACJzD,GAAG,CAAC,UAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUiC,KAAK,CAACR,SAAS,EACnChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAM8B,WAAW9B,IAAK8B,CAAAA,QAAQ,IAAI9B,IAAAA,CAAKqF,QAAQ,IAAIrF,IAAAA,CAAKmC,IAAI,IAAInC,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;wBACxF,MAAMrB,KAAAA,GAAQjB,IAAKiB,CAAAA,KAAK,IAAI,CAAA,EAAGa,QAASwD,CAAAA,OAAO,CAAC,MAAA,EAAQ,GAAK,CAAA,CAAA,UAAU,CAAC;wBAExE,OAAO;AACLxD,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDsE,GAAK,EAAA;gBACHrE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,MAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,aAAa,CAAC;oBACnCQ,KAAO,EAAA;AAAC,wBAAA;AAAe,qBAAA;oBACvBoD,SAAW,EAAA;AACZ,iBAAA;AACD,gBAAA,MAAMnD,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoC,MAAMrG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAO,qBAAA,CAAA;oBAEtC,OAAOwF,GAAAA,CACJ5D,GAAG,CAAC,cAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUoC,GAAG,CAACX,SAAS,EACjChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GAAW9B,KAAKwF,UAAU,GAC5BxF,KAAKwF,UAAU,CAACC,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAK0F,CAAAA,GAAG,GACrD1F,IAAKyF,CAAAA,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAAA,CAAK0F,GAAG;AAC9C,wBAAA,MAAMzE,QAAQjB,IAAKwF,CAAAA,UAAU,GACzBxF,IAAKwF,CAAAA,UAAU,CAACG,WAAW,IAAI3F,IAAKwF,CAAAA,UAAU,CAACvE,KAAK,GACpDjB,KAAK2F,WAAW,IAAI3F,KAAKiB,KAAK;wBAClC,IAAI,CAACa,QAAY,IAAA,CAACb,KAAO,EAAA;4BACvB2E,MAAOC,CAAAA,GAAG,CAACC,IAAI,CACb,CAAC,uDAAuD,EAAEC,IAAAA,CAAKC,SAAS,CAAChG,IAAO,CAAA,CAAA,CAAA,CAAA;AAEnF;wBACD,OAAO;AACL8B,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDgF,OAAS,EAAA;gBACP/E,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAkB;AACvC,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMuE,UAAU/G,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVN,MAAQ,EAAA;4BACNwG,OAAS,EAAA;gCACP7B,OAAS,EAAA;oCACPxE,MAAQ,EAAA,yBAAA;oCACRC,IAAM,EAAA,mBAAA;oCACN4C,OAAS,EAAA;wCACPyD,aAAe,EAAA;AAChB;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOD,OAAAA,CACJtE,GAAG,CAAC,aACJC,CAAAA,CAAAA,IAAI,CAACF,WACLO,CAAAA,CAAAA,EAAE,CAAC,IAAIkE,eAAgB,CAAA;wBAAE,cAAgB,EAAA;qBAAqBC,CAAAA,CAAAA,QAAQ,IACtElG,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAMqG,WAAcrG,GAAAA,IAAAA,CAAKsE,IAAI,CAACkB,UAAU;wBACxC,OAAO;AACL1D,4BAAAA,QAAAA,EAAUuE,YAAYC,SAAS;AAC/BrF,4BAAAA,KAAAA,EAAOoF,YAAYpF;AAC/B,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDsF,QAAU,EAAA;gBACRrF,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,uCAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,kBAAkB,CAAC;oBACxCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoD,WAAWrH,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOwG,QAAAA,CACJ3B,SAAS,CAACzB,SAAAA,CAAUoD,QAAQ,CAAC3B,SAAS,EACtCjD,GAAG,CAAC,oCACJC,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;wBACb,OAAO;AACL8B,4BAAAA,QAAAA,EAAU9B,KAAKwG,kBAAkB;AACjCvF,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF;SACH,CAAA;IAEAwF,iBAAiB,GAAA,IAAA;AACf,QAAA,MAAMvH,MAASwH,GAAAA,UAAAA;AAEf,QAAA,MAAMC,SAAYf,GAAAA,MAAAA,CAAOnG,MAAM,CAACkC,GAAG,CAAC,iBAAA,CAAA;QACpC,MAAMX,OAAAA,GAAUrC,QAAQiH,MAAOnG,CAAAA,MAAM,CAACmH,MAAM,CAACC,GAAG,EAAEF,SAAW,EAAA,MAAA,CAAA;AAE7D,QAAA,MAAMG,gBAAgB/F,aAAc,CAAA;AAAEC,YAAAA,OAAAA;AAAS9B,YAAAA;AAAQ,SAAA,CAAA;AAEzD;;AAEA,OACE,OAAO;AACL6H,YAAAA,MAAAA,CAAAA,GAAAA;gBACE,OAAOD,aAAAA;AACR,aAAA;AACDnF,YAAAA,GAAAA,CAAAA,CAAIQ,IAAI,EAAA;gBACN,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;YACD6E,GAAI7E,CAAAA,CAAAA,IAAI,EAAE1C,MAAM,EAAA;gBACdqH,aAAa,CAAC3E,KAAK,GAAG1C,MAAAA;AACvB,aAAA;AACDwH,YAAAA,MAAAA,CAAAA,CAAO9E,IAAI,EAAA;gBACT,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;AAEL;;SAGI,MAAM+E,GAAI,CAAA,CAAA,EAAEnH,QAAQ,EAAE2B,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;gBACnD,MAAMgE,YAAAA,GAAeL,aAAa,CAAC/G,QAAS,CAAA;AAE5CxB,gBAAAA,MAAAA,CAAO4I,YAAc,EAAA,uBAAA,CAAA;gBAErB,OAAOA,YAAAA,CAAa1F,YAAY,CAAC;AAAEC,oBAAAA,WAAAA;AAAaW,oBAAAA,KAAAA;AAAOc,oBAAAA,SAAAA;AAAWjE,oBAAAA;AAAM,iBAAA,CAAA;AACzE;AACL,SAAA;AACA,KAAA;;;;;;"}
package/dist/server/services/providers-registry.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"providers-registry.mjs","sources":["../../../server/services/providers-registry.js"],"sourcesContent":["'use strict';\n\nconst { strict: assert } = require('assert');\nconst jwt = require('jsonwebtoken');\nconst urljoin = require('url-join');\nconst jwkToPem = require('jwk-to-pem');\n\nconst getCognitoPayload = async ({ idToken, jwksUrl, purest }) => {\n const {\n header: { kid },\n payload,\n } = jwt.decode(idToken, { complete: true });\n\n if (!payload || !kid) {\n throw new Error('The provided token is not valid');\n }\n\n const config = {\n cognito: {\n discovery: {\n origin: jwksUrl.origin,\n path: jwksUrl.pathname,\n },\n },\n };\n try {\n const cognito = purest({ provider: 'cognito', config });\n // get the JSON Web Key (JWK) for the user pool\n const { body: jwk } = await cognito('discovery').request();\n // Get the key with the same Key ID as the provided token\n const key = jwk.keys.find(({ kid: jwkKid }) => jwkKid === kid);\n const pem = jwkToPem(key);\n\n // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html\n const decodedToken = await new Promise((resolve, reject) => {\n jwt.verify(idToken, pem, { algorithms: ['RS256'] }, (err, decodedToken) => {\n if (err) {\n reject();\n }\n resolve(decodedToken);\n });\n });\n return decodedToken;\n } catch (err) {\n throw new Error('There was an error verifying the token');\n }\n};\n\nconst initProviders = ({ baseURL, purest }) => ({\n email: {\n enabled: true,\n icon: 'envelope',\n grantConfig: {},\n },\n discord: {\n enabled: false,\n icon: 'discord',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/discord/callback`,\n scope: ['identify', 'email'],\n },\n async authCallback({ accessToken }) {\n const discord = purest({ provider: 'discord' });\n\n return discord\n .get('users/@me')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // Combine username and discriminator (if discriminator exists and not equal to 0)\n const username =\n body.discriminator && body.discriminator !== '0'\n ? `${body.username}#${body.discriminator}`\n : body.username;\n return {\n username,\n email: body.email,\n };\n });\n },\n },\n facebook: {\n enabled: false,\n icon: 'facebook-square',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/facebook/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const facebook = purest({ provider: 'facebook' });\n\n return facebook\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'name,email' })\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: body.email,\n }));\n },\n },\n google: {\n enabled: false,\n icon: 'google',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/google/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const google = purest({ provider: 'google' });\n\n return google\n .query('oauth')\n .get('tokeninfo')\n .qs({ accessToken })\n .request()\n .then(({ body }) => ({\n username: body.email.split('@')[0],\n email: body.email,\n }));\n },\n },\n github: {\n enabled: false,\n icon: 'github',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/github/callback`,\n scope: ['user', 'user:email'],\n },\n async authCallback({ accessToken }) {\n const github = purest({\n provider: 'github',\n defaults: {\n headers: {\n 'user-agent': 'strapi',\n },\n },\n });\n\n const { body: userBody } = await github.get('user').auth(accessToken).request();\n\n // This is the public email on the github profile\n if (userBody.email) {\n return {\n username: userBody.login,\n email: userBody.email,\n };\n }\n // Get the email with Github's user/emails API\n const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();\n\n return {\n username: userBody.login,\n email: Array.isArray(emailBody)\n ? emailBody.find((email) => email.primary === true).email\n : null,\n };\n },\n },\n microsoft: {\n enabled: false,\n icon: 'windows',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/microsoft/callback`,\n scope: ['user.read'],\n },\n async authCallback({ accessToken }) {\n const microsoft = purest({ provider: 'microsoft' });\n\n return microsoft\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.userPrincipalName,\n email: body.userPrincipalName,\n }));\n },\n },\n\n twitter: {\n enabled: false,\n icon: 'twitter',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitter/callback`,\n },\n async authCallback({ accessToken, query, providers }) {\n const twitter = purest({\n provider: 'twitter',\n defaults: {\n oauth: {\n consumer_key: providers.twitter.key,\n consumer_secret: providers.twitter.secret,\n },\n },\n });\n\n return twitter\n .get('account/verify_credentials')\n .auth(accessToken, query.access_secret)\n .qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })\n .request()\n .then(({ body }) => ({\n username: body.screen_name,\n email: body.email,\n }));\n },\n },\n instagram: {\n enabled: false,\n icon: 'instagram',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/instagram/callback`,\n scope: ['user_profile'],\n },\n async authCallback({ accessToken }) {\n const instagram = purest({ provider: 'instagram' });\n\n return instagram\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'id,username' })\n .request()\n .then(({ body }) => ({\n username: body.username,\n email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email\n }));\n },\n },\n vk: {\n enabled: false,\n icon: 'vk',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/vk/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken, query }) {\n const vk = purest({ provider: 'vk' });\n\n return vk\n .get('users')\n .auth(accessToken)\n .qs({ id: query.raw.user_id, v: '5.122' })\n .request()\n .then(({ body }) => ({\n username: `${body.response[0].last_name} ${body.response[0].first_name}`,\n email: query.raw.email,\n }));\n },\n },\n\n twitch: {\n enabled: false,\n icon: 'twitch',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitch/callback`,\n scope: ['user:read:email'],\n },\n async authCallback({ accessToken, providers }) {\n const twitch = purest({\n provider: 'twitch',\n config: {\n twitch: {\n default: {\n origin: 'https://api.twitch.tv',\n path: 'helix/{path}',\n headers: {\n Authorization: 'Bearer {auth}',\n 'Client-Id': '{auth}',\n },\n },\n },\n },\n });\n\n return twitch\n .get('users')\n .auth(accessToken, providers.twitch.key)\n .request()\n .then(({ body }) => ({\n username: body.data[0].login,\n email: body.data[0].email,\n }));\n },\n },\n\n linkedin: {\n enabled: false,\n icon: 'linkedin',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/linkedin/callback`,\n scope: ['r_liteprofile', 'r_emailaddress'],\n },\n async authCallback({ accessToken }) {\n const linkedIn = purest({ provider: 'linkedin' });\n const {\n body: { localizedFirstName },\n } = await linkedIn.get('me').auth(accessToken).request();\n const {\n body: { elements },\n } = await linkedIn\n .get('emailAddress?q=members&projection=(elements*(handle~))')\n .auth(accessToken)\n .request();\n\n const email = elements[0]['handle~'];\n\n return {\n username: localizedFirstName,\n email: email.emailAddress,\n };\n },\n },\n\n cognito: {\n enabled: false,\n icon: 'aws',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my.subdomain.com',\n callback: `${baseURL}/cognito/callback`,\n scope: ['email', 'openid', 'profile'],\n },\n async authCallback({ query, providers }) {\n const jwksUrl = new URL(providers.cognito.jwksurl);\n const idToken = query.id_token;\n const tokenPayload = await getCognitoPayload({ idToken, jwksUrl, purest });\n return {\n username: tokenPayload['cognito:username'],\n email: tokenPayload.email,\n };\n },\n },\n\n reddit: {\n enabled: false,\n icon: 'reddit',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/reddit/callback`,\n scope: ['identity'],\n },\n async authCallback({ accessToken }) {\n const reddit = purest({\n provider: 'reddit',\n config: {\n reddit: {\n default: {\n origin: 'https://oauth.reddit.com',\n path: 'api/{version}/{path}',\n version: 'v1',\n headers: {\n Authorization: 'Bearer {auth}',\n 'user-agent': 'strapi',\n },\n },\n },\n },\n });\n\n return reddit\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email\n }));\n },\n },\n\n auth0: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my-tenant.eu',\n callback: `${baseURL}/auth0/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const auth0 = purest({ provider: 'auth0' });\n\n return auth0\n .get('userinfo')\n .subdomain(providers.auth0.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n const username = body.username || body.nickname || body.name || body.email.split('@')[0];\n const email = body.email || `${username.replace(/\\s+/g, '.')}@strapi.io`;\n\n return {\n username,\n email,\n };\n });\n },\n },\n\n cas: {\n enabled: false,\n icon: 'book',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/cas/callback`,\n scope: ['openid email'], // scopes should be space delimited\n subdomain: 'my.subdomain.com/cas',\n },\n async authCallback({ accessToken, providers }) {\n const cas = purest({ provider: 'cas' });\n\n return cas\n .get('oidc/profile')\n .subdomain(providers.cas.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // CAS attribute may be in body.attributes or \"FLAT\", depending on CAS config\n const username = body.attributes\n ? body.attributes.strapiusername || body.id || body.sub\n : body.strapiusername || body.id || body.sub;\n const email = body.attributes\n ? body.attributes.strapiemail || body.attributes.email\n : body.strapiemail || body.email;\n if (!username || !email) {\n strapi.log.warn(\n `CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`\n );\n }\n return {\n username,\n email,\n };\n });\n },\n },\n\n patreon: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/patreon/callback`,\n scope: ['identity', 'identity[email]'],\n },\n async authCallback({ accessToken }) {\n const patreon = purest({\n provider: 'patreon',\n config: {\n patreon: {\n default: {\n origin: 'https://www.patreon.com',\n path: 'api/oauth2/{path}',\n headers: {\n authorization: 'Bearer {auth}',\n },\n },\n },\n },\n });\n\n return patreon\n .get('v2/identity')\n .auth(accessToken)\n .qs(new URLSearchParams({ 'fields[user]': 'full_name,email' }).toString())\n .request()\n .then(({ body }) => {\n const patreonData = body.data.attributes;\n return {\n username: patreonData.full_name,\n email: patreonData.email,\n };\n });\n },\n },\n keycloak: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'myKeycloakProvider.com/realms/myrealm',\n callback: `${baseURL}/keycloak/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const keycloak = purest({ provider: 'keycloak' });\n\n return keycloak\n .subdomain(providers.keycloak.subdomain)\n .get('protocol/openid-connect/userinfo')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n return {\n username: body.preferred_username,\n email: body.email,\n };\n });\n },\n },\n});\n\nmodule.exports = () => {\n const purest = require('purest');\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');\n\n const authProviders = initProviders({ baseURL, purest });\n\n /**\n * @public\n */\n return {\n getAll() {\n return authProviders;\n },\n get(name) {\n return authProviders[name];\n },\n add(name, config) {\n authProviders[name] = config;\n },\n remove(name) {\n delete authProviders[name];\n },\n\n /**\n * @internal\n */\n async run({ provider, accessToken, query, providers }) {\n const authProvider = authProviders[provider];\n\n assert(authProvider, 'Unknown auth provider');\n\n return authProvider.authCallback({ accessToken, query, providers, purest });\n },\n };\n};\n"],"names":["strict","assert","require$$0","jwt","require$$1","urljoin","require$$2","jwkToPem","require$$3","getCognitoPayload","idToken","jwksUrl","purest","header","kid","payload","decode","complete","Error","config","cognito","discovery","origin","path","pathname","provider","body","jwk","request","key","keys","find","jwkKid","pem","decodedToken","Promise","resolve","reject","verify","algorithms","err","initProviders","baseURL","email","enabled","icon","grantConfig","discord","secret","callbackUrl","scope","authCallback","accessToken","get","auth","then","username","discriminator","facebook","qs","fields","name","google","query","split","github","defaults","headers","userBody","login","emailBody","Array","isArray","primary","microsoft","userPrincipalName","twitter","providers","oauth","consumer_key","consumer_secret","access_secret","screen_name","include_email","instagram","vk","id","raw","user_id","v","response","last_name","first_name","twitch","default","Authorization","data","linkedin","linkedIn","localizedFirstName","elements","emailAddress","subdomain","callback","URL","jwksurl","id_token","tokenPayload","reddit","version","auth0","nickname","replace","cas","attributes","strapiusername","sub","strapiemail","strapi","log","warn","JSON","stringify","patreon","authorization","URLSearchParams","toString","patreonData","full_name","keycloak","preferred_username","providersRegistry","require$$4","apiPrefix","server","url","authProviders","getAll","add","remove","run","authProvider"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAM,EAAEA,MAAAA,EAAQC,MAAM,EAAE,GAAGC,UAAAA;AAC3B,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AACZ,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;AAChB,IAAA,MAAMC,QAAWC,GAAAA,UAAAA;IAEjB,MAAMC,iBAAAA,GAAoB,OAAO,EAAEC,OAAO,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAA;AAC3D,QAAA,MAAM,EACJC,MAAAA,EAAQ,EAAEC,GAAG,EAAE,EACfC,OAAO,EACR,GAAGZ,GAAAA,CAAIa,MAAM,CAACN,OAAS,EAAA;YAAEO,QAAU,EAAA;AAAI,SAAA,CAAA;QAExC,IAAI,CAACF,OAAW,IAAA,CAACD,GAAK,EAAA;AACpB,YAAA,MAAM,IAAII,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,QAAA,MAAMC,MAAS,GAAA;YACbC,OAAS,EAAA;gBACPC,SAAW,EAAA;AACTC,oBAAAA,MAAAA,EAAQX,QAAQW,MAAM;AACtBC,oBAAAA,IAAAA,EAAMZ,QAAQa;AACf;AACF;AACL,SAAA;QACE,IAAI;AACF,YAAA,MAAMJ,UAAUR,MAAO,CAAA;gBAAEa,QAAU,EAAA,SAAA;AAAWN,gBAAAA;AAAM,aAAA,CAAA;;YAEpD,MAAM,EAAEO,MAAMC,GAAG,EAAE,GAAG,MAAMP,OAAAA,CAAQ,aAAaQ,OAAO,EAAA;;AAExD,YAAA,MAAMC,GAAMF,GAAAA,GAAAA,CAAIG,IAAI,CAACC,IAAI,CAAC,CAAC,EAAEjB,GAAKkB,EAAAA,MAAM,EAAE,GAAKA,MAAWlB,KAAAA,GAAAA,CAAAA;AAC1D,YAAA,MAAMmB,MAAM1B,QAASsB,CAAAA,GAAAA,CAAAA;;AAGrB,YAAA,MAAMK,YAAe,GAAA,MAAM,IAAIC,OAAAA,CAAQ,CAACC,OAASC,EAAAA,MAAAA,GAAAA;gBAC/ClC,GAAImC,CAAAA,MAAM,CAAC5B,OAAAA,EAASuB,GAAK,EAAA;oBAAEM,UAAY,EAAA;AAAC,wBAAA;AAAQ;AAAE,iBAAA,EAAE,CAACC,GAAKN,EAAAA,YAAAA,GAAAA;AACxD,oBAAA,IAAIM,GAAK,EAAA;AACPH,wBAAAA,MAAAA,EAAAA;AACD;oBACDD,OAAQF,CAAAA,YAAAA,CAAAA;AAChB,iBAAA,CAAA;AACA,aAAA,CAAA;YACI,OAAOA,YAAAA;AACR,SAAA,CAAC,OAAOM,GAAK,EAAA;AACZ,YAAA,MAAM,IAAItB,KAAM,CAAA,wCAAA,CAAA;AACjB;AACH,KAAA;IAEA,MAAMuB,aAAAA,GAAgB,CAAC,EAAEC,OAAO,EAAE9B,MAAM,EAAE,IAAM;YAC9C+B,KAAO,EAAA;gBACLC,OAAS,EAAA,IAAA;gBACTC,IAAM,EAAA,UAAA;AACNC,gBAAAA,WAAAA,EAAa;AACd,aAAA;YACDC,OAAS,EAAA;gBACPH,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,iBAAiB,CAAC;oBAC1CQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAQ;AAC7B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAML,UAAUnC,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAW,qBAAA,CAAA;AAE9C,oBAAA,OAAOsB,OACJM,CAAAA,GAAG,CAAC,WAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GACJ9B,KAAK+B,aAAa,IAAI/B,KAAK+B,aAAa,KAAK,MACzC,CAAC,EAAE/B,KAAK8B,QAAQ,CAAC,CAAC,EAAE9B,IAAAA,CAAK+B,aAAa,CAAC,CAAC,GACxC/B,IAAAA,CAAK8B,QAAQ;wBACnB,OAAO;AACLA,4BAAAA,QAAAA;AACAb,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDe,QAAU,EAAA;gBACRd,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,iBAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMM,WAAW9C,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOiC,QAAAA,CACJL,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDmB,MAAQ,EAAA;gBACNlB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMU,SAASlD,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAU,qBAAA,CAAA;oBAE5C,OAAOqC,MAAAA,CACJC,KAAK,CAAC,OAAA,CAAA,CACNV,GAAG,CAAC,WAAA,CAAA,CACJM,EAAE,CAAC;AAAEP,wBAAAA;qBACLxB,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AAClCrB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDsB,MAAQ,EAAA;gBACNrB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAa;AAC9B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMa,SAASrD,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVyC,QAAU,EAAA;4BACRC,OAAS,EAAA;gCACP,YAAc,EAAA;AACf;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,MAAM,EAAEzC,IAAAA,EAAM0C,QAAQ,EAAE,GAAG,MAAMH,MAAOZ,CAAAA,GAAG,CAAC,MAAA,CAAA,CAAQC,IAAI,CAACF,aAAaxB,OAAO,EAAA;;oBAG7E,IAAIwC,QAAAA,CAASzB,KAAK,EAAE;wBAClB,OAAO;AACLa,4BAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,4BAAAA,KAAAA,EAAOyB,SAASzB;AAC1B,yBAAA;AACO;;AAED,oBAAA,MAAM,EAAEjB,IAAAA,EAAM4C,SAAS,EAAE,GAAG,MAAML,MAAOZ,CAAAA,GAAG,CAAC,aAAA,CAAA,CAAeC,IAAI,CAACF,aAAaxB,OAAO,EAAA;oBAErF,OAAO;AACL4B,wBAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,wBAAAA,KAAAA,EAAO4B,KAAMC,CAAAA,OAAO,CAACF,SAAAA,CAAAA,GACjBA,UAAUvC,IAAI,CAAC,CAACY,KAAAA,GAAUA,KAAM8B,CAAAA,OAAO,KAAK,IAAA,CAAA,CAAM9B,KAAK,GACvD;AACZ,qBAAA;AACK;AACF,aAAA;YACD+B,SAAW,EAAA;gBACT9B,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAY;AACrB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMsB,YAAY9D,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;AAElD,oBAAA,OAAOiD,UACJrB,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiD,iBAAiB;AAChChC,4BAAAA,KAAAA,EAAOjB,KAAKiD;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YAEDC,OAAS,EAAA;gBACPhC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,iBAAiB;AAC1C,iBAAA;AACD,gBAAA,MAAMS,cAAa,EAAEC,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;AAClD,oBAAA,MAAMD,UAAUhE,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVyC,QAAU,EAAA;4BACRY,KAAO,EAAA;gCACLC,YAAcF,EAAAA,SAAAA,CAAUD,OAAO,CAAC/C,GAAG;gCACnCmD,eAAiBH,EAAAA,SAAAA,CAAUD,OAAO,CAAC5B;AACpC;AACF;AACT,qBAAA,CAAA;oBAEM,OAAO4B,OAAAA,CACJvB,GAAG,CAAC,4BACJC,CAAAA,CAAAA,IAAI,CAACF,WAAAA,EAAaW,KAAMkB,CAAAA,aAAa,CACrCtB,CAAAA,EAAE,CAAC;wBAAEuB,WAAanB,EAAAA,KAAK,CAAC,kBAAmB,CAAA;wBAAEoB,aAAe,EAAA;qBAC5DvD,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKwD,WAAW;AAC1BvC,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDyC,SAAW,EAAA;gBACTxC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,WAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAe;AACxB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMgC,YAAYxE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;oBAElD,OAAO2D,SAAAA,CACJ/B,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAK8B,QAAQ;AACvBb,4BAAAA,KAAAA,EAAO,CAAC,EAAEjB,IAAAA,CAAK8B,QAAQ,CAAC,UAAU;yBACnC,CAAA,CAAA;AACJ;AACF,aAAA;YACD6B,EAAI,EAAA;gBACFzC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,IAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,YAAY,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEW,KAAK,EAAE,EAAA;AACvC,oBAAA,MAAMsB,KAAKzE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAM,qBAAA,CAAA;oBAEpC,OAAO4D,EAAAA,CACJhC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAE2B,EAAIvB,EAAAA,KAAAA,CAAMwB,GAAG,CAACC,OAAO;wBAAEC,CAAG,EAAA;qBAC/B7D,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU,CAAC,EAAE9B,IAAAA,CAAKgE,QAAQ,CAAC,CAAA,CAAE,CAACC,SAAS,CAAC,CAAC,EAAEjE,KAAKgE,QAAQ,CAAC,EAAE,CAACE,UAAU,CAAC,CAAC;4BACxEjD,KAAOoB,EAAAA,KAAAA,CAAMwB,GAAG,CAAC5C;yBAClB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDkD,MAAQ,EAAA;gBACNjD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAkB;AAC3B,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMgB,SAASjF,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACN0E,MAAQ,EAAA;gCACNC,OAAS,EAAA;oCACPxE,MAAQ,EAAA,uBAAA;oCACRC,IAAM,EAAA,cAAA;oCACN4C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,WAAa,EAAA;AACd;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOF,MAAAA,CACJxC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,EAAayB,UAAUgB,MAAM,CAAChE,GAAG,CACtCD,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAAC3B,KAAK;AAC5B1B,4BAAAA,KAAAA,EAAOjB,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAACrD;yBACrB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDsD,QAAU,EAAA;gBACRrD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,UAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRC,oBAAAA,WAAAA,EAAa,CAAC,EAAEP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA,eAAA;AAAiB,wBAAA;AAAiB;AAC3C,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAM8C,WAAWtF,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;AAChD,oBAAA,MAAM,EACJC,IAAAA,EAAM,EAAEyE,kBAAkB,EAAE,EAC7B,GAAG,MAAMD,QAAAA,CAAS7C,GAAG,CAAC,IAAA,CAAA,CAAMC,IAAI,CAACF,aAAaxB,OAAO,EAAA;AACtD,oBAAA,MAAM,EACJF,IAAAA,EAAM,EAAE0E,QAAQ,EAAE,EACnB,GAAG,MAAMF,QAAAA,CACP7C,GAAG,CAAC,wDAAA,CAAA,CACJC,IAAI,CAACF,aACLxB,OAAO,EAAA;AAEV,oBAAA,MAAMe,KAAQyD,GAAAA,QAAQ,CAAC,CAAA,CAAE,CAAC,SAAU,CAAA;oBAEpC,OAAO;wBACL5C,QAAU2C,EAAAA,kBAAAA;AACVxD,wBAAAA,KAAAA,EAAOA,MAAM0D;AACrB,qBAAA;AACK;AACF,aAAA;YAEDjF,OAAS,EAAA;gBACPwB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,KAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,kBAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA,QAAA;AAAU,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEY,KAAK,EAAEc,SAAS,EAAE,EAAA;AACrC,oBAAA,MAAMlE,UAAU,IAAI6F,GAAAA,CAAI3B,SAAUzD,CAAAA,OAAO,CAACqF,OAAO,CAAA;oBACjD,MAAM/F,OAAAA,GAAUqD,MAAM2C,QAAQ;oBAC9B,MAAMC,YAAAA,GAAe,MAAMlG,iBAAkB,CAAA;AAAEC,wBAAAA,OAAAA;AAASC,wBAAAA,OAAAA;AAASC,wBAAAA;AAAM,qBAAA,CAAA;oBACvE,OAAO;wBACL4C,QAAUmD,EAAAA,YAAY,CAAC,kBAAmB,CAAA;AAC1ChE,wBAAAA,KAAAA,EAAOgE,aAAahE;AAC5B,qBAAA;AACK;AACF,aAAA;YAEDiE,MAAQ,EAAA;gBACNhE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,gBAAgB,CAAC;oBACtCQ,KAAO,EAAA;AAAC,wBAAA;AAAW;AACpB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMwD,SAAShG,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACNyF,MAAQ,EAAA;gCACNd,OAAS,EAAA;oCACPxE,MAAQ,EAAA,0BAAA;oCACRC,IAAM,EAAA,sBAAA;oCACNsF,OAAS,EAAA,IAAA;oCACT1C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,YAAc,EAAA;AACf;AACF;AACF;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,OAAOa,OACJvD,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAO,CAAC,EAAEjB,IAAAA,CAAKmC,IAAI,CAAC,UAAU;yBAC/B,CAAA,CAAA;AACJ;AACF,aAAA;YAEDiD,KAAO,EAAA;gBACLlE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,cAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,eAAe,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMiC,QAAQlG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAS,qBAAA,CAAA;oBAE1C,OAAOqF,KAAAA,CACJzD,GAAG,CAAC,UAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUiC,KAAK,CAACR,SAAS,EACnChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAM8B,WAAW9B,IAAK8B,CAAAA,QAAQ,IAAI9B,IAAAA,CAAKqF,QAAQ,IAAIrF,IAAAA,CAAKmC,IAAI,IAAInC,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AACxF,wBAAA,MAAMrB,KAAQjB,GAAAA,IAAAA,CAAKiB,KAAK,IAAI,CAAC,EAAEa,QAASwD,CAAAA,OAAO,CAAC,MAAA,EAAQ,GAAK,CAAA,CAAA,UAAU,CAAC;wBAExE,OAAO;AACLxD,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDsE,GAAK,EAAA;gBACHrE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,MAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,aAAa,CAAC;oBACnCQ,KAAO,EAAA;AAAC,wBAAA;AAAe,qBAAA;oBACvBoD,SAAW,EAAA;AACZ,iBAAA;AACD,gBAAA,MAAMnD,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoC,MAAMrG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAO,qBAAA,CAAA;oBAEtC,OAAOwF,GAAAA,CACJ5D,GAAG,CAAC,cAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUoC,GAAG,CAACX,SAAS,EACjChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GAAW9B,KAAKwF,UAAU,GAC5BxF,KAAKwF,UAAU,CAACC,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAK0F,CAAAA,GAAG,GACrD1F,IAAKyF,CAAAA,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAAA,CAAK0F,GAAG;AAC9C,wBAAA,MAAMzE,QAAQjB,IAAKwF,CAAAA,UAAU,GACzBxF,IAAKwF,CAAAA,UAAU,CAACG,WAAW,IAAI3F,IAAKwF,CAAAA,UAAU,CAACvE,KAAK,GACpDjB,KAAK2F,WAAW,IAAI3F,KAAKiB,KAAK;wBAClC,IAAI,CAACa,QAAY,IAAA,CAACb,KAAO,EAAA;4BACvB2E,MAAOC,CAAAA,GAAG,CAACC,IAAI,CACb,CAAC,uDAAuD,EAAEC,IAAKC,CAAAA,SAAS,CAAChG,IAAAA,CAAAA,CAAM,CAAC,CAAA;AAEnF;wBACD,OAAO;AACL8B,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDgF,OAAS,EAAA;gBACP/E,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;AACRuD,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAkB;AACvC,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMuE,UAAU/G,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVN,MAAQ,EAAA;4BACNwG,OAAS,EAAA;gCACP7B,OAAS,EAAA;oCACPxE,MAAQ,EAAA,yBAAA;oCACRC,IAAM,EAAA,mBAAA;oCACN4C,OAAS,EAAA;wCACPyD,aAAe,EAAA;AAChB;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOD,OAAAA,CACJtE,GAAG,CAAC,aACJC,CAAAA,CAAAA,IAAI,CAACF,WACLO,CAAAA,CAAAA,EAAE,CAAC,IAAIkE,eAAgB,CAAA;wBAAE,cAAgB,EAAA;qBAAqBC,CAAAA,CAAAA,QAAQ,IACtElG,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAMqG,WAAcrG,GAAAA,IAAAA,CAAKsE,IAAI,CAACkB,UAAU;wBACxC,OAAO;AACL1D,4BAAAA,QAAAA,EAAUuE,YAAYC,SAAS;AAC/BrF,4BAAAA,KAAAA,EAAOoF,YAAYpF;AAC/B,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDsF,QAAU,EAAA;gBACRrF,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,uCAAA;AACXC,oBAAAA,QAAAA,EAAU,CAAC,EAAE7D,OAAQ,CAAA,kBAAkB,CAAC;oBACxCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoD,WAAWrH,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOwG,QAAAA,CACJ3B,SAAS,CAACzB,SAAAA,CAAUoD,QAAQ,CAAC3B,SAAS,EACtCjD,GAAG,CAAC,oCACJC,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;wBACb,OAAO;AACL8B,4BAAAA,QAAAA,EAAU9B,KAAKwG,kBAAkB;AACjCvF,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF;SACH,CAAA;IAEAwF,iBAAiB,GAAA,IAAA;AACf,QAAA,MAAMvH,MAASwH,GAAAA,UAAAA;AAEf,QAAA,MAAMC,SAAYf,GAAAA,MAAAA,CAAOnG,MAAM,CAACkC,GAAG,CAAC,iBAAA,CAAA;QACpC,MAAMX,OAAAA,GAAUrC,QAAQiH,MAAOnG,CAAAA,MAAM,CAACmH,MAAM,CAACC,GAAG,EAAEF,SAAW,EAAA,MAAA,CAAA;AAE7D,QAAA,MAAMG,gBAAgB/F,aAAc,CAAA;AAAEC,YAAAA,OAAAA;AAAS9B,YAAAA;AAAQ,SAAA,CAAA;AAEzD;;AAEA,OACE,OAAO;AACL6H,YAAAA,MAAAA,CAAAA,GAAAA;gBACE,OAAOD,aAAAA;AACR,aAAA;AACDnF,YAAAA,GAAAA,CAAAA,CAAIQ,IAAI,EAAA;gBACN,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;YACD6E,GAAI7E,CAAAA,CAAAA,IAAI,EAAE1C,MAAM,EAAA;gBACdqH,aAAa,CAAC3E,KAAK,GAAG1C,MAAAA;AACvB,aAAA;AACDwH,YAAAA,MAAAA,CAAAA,CAAO9E,IAAI,EAAA;gBACT,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;AAEL;;SAGI,MAAM+E,GAAI,CAAA,CAAA,EAAEnH,QAAQ,EAAE2B,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;gBACnD,MAAMgE,YAAAA,GAAeL,aAAa,CAAC/G,QAAS,CAAA;AAE5CxB,gBAAAA,MAAAA,CAAO4I,YAAc,EAAA,uBAAA,CAAA;gBAErB,OAAOA,YAAAA,CAAa1F,YAAY,CAAC;AAAEC,oBAAAA,WAAAA;AAAaW,oBAAAA,KAAAA;AAAOc,oBAAAA,SAAAA;AAAWjE,oBAAAA;AAAM,iBAAA,CAAA;AACzE;AACL,SAAA;AACA,KAAA;;;;;;"}
1
+ {"version":3,"file":"providers-registry.mjs","sources":["../../../server/services/providers-registry.js"],"sourcesContent":["'use strict';\n\nconst { strict: assert } = require('assert');\nconst jwt = require('jsonwebtoken');\nconst urljoin = require('url-join');\nconst jwkToPem = require('jwk-to-pem');\n\nconst getCognitoPayload = async ({ idToken, jwksUrl, purest }) => {\n const {\n header: { kid },\n payload,\n } = jwt.decode(idToken, { complete: true });\n\n if (!payload || !kid) {\n throw new Error('The provided token is not valid');\n }\n\n const config = {\n cognito: {\n discovery: {\n origin: jwksUrl.origin,\n path: jwksUrl.pathname,\n },\n },\n };\n try {\n const cognito = purest({ provider: 'cognito', config });\n // get the JSON Web Key (JWK) for the user pool\n const { body: jwk } = await cognito('discovery').request();\n // Get the key with the same Key ID as the provided token\n const key = jwk.keys.find(({ kid: jwkKid }) => jwkKid === kid);\n const pem = jwkToPem(key);\n\n // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html\n const decodedToken = await new Promise((resolve, reject) => {\n jwt.verify(idToken, pem, { algorithms: ['RS256'] }, (err, decodedToken) => {\n if (err) {\n reject();\n }\n resolve(decodedToken);\n });\n });\n return decodedToken;\n } catch (err) {\n throw new Error('There was an error verifying the token');\n }\n};\n\nconst initProviders = ({ baseURL, purest }) => ({\n email: {\n enabled: true,\n icon: 'envelope',\n grantConfig: {},\n },\n discord: {\n enabled: false,\n icon: 'discord',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/discord/callback`,\n scope: ['identify', 'email'],\n },\n async authCallback({ accessToken }) {\n const discord = purest({ provider: 'discord' });\n\n return discord\n .get('users/@me')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // Combine username and discriminator (if discriminator exists and not equal to 0)\n const username =\n body.discriminator && body.discriminator !== '0'\n ? `${body.username}#${body.discriminator}`\n : body.username;\n return {\n username,\n email: body.email,\n };\n });\n },\n },\n facebook: {\n enabled: false,\n icon: 'facebook-square',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/facebook/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const facebook = purest({ provider: 'facebook' });\n\n return facebook\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'name,email' })\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: body.email,\n }));\n },\n },\n google: {\n enabled: false,\n icon: 'google',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/google/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken }) {\n const google = purest({ provider: 'google' });\n\n return google\n .query('oauth')\n .get('tokeninfo')\n .qs({ accessToken })\n .request()\n .then(({ body }) => ({\n username: body.email.split('@')[0],\n email: body.email,\n }));\n },\n },\n github: {\n enabled: false,\n icon: 'github',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/github/callback`,\n scope: ['user', 'user:email'],\n },\n async authCallback({ accessToken }) {\n const github = purest({\n provider: 'github',\n defaults: {\n headers: {\n 'user-agent': 'strapi',\n },\n },\n });\n\n const { body: userBody } = await github.get('user').auth(accessToken).request();\n\n // This is the public email on the github profile\n if (userBody.email) {\n return {\n username: userBody.login,\n email: userBody.email,\n };\n }\n // Get the email with Github's user/emails API\n const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();\n\n return {\n username: userBody.login,\n email: Array.isArray(emailBody)\n ? emailBody.find((email) => email.primary === true).email\n : null,\n };\n },\n },\n microsoft: {\n enabled: false,\n icon: 'windows',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/microsoft/callback`,\n scope: ['user.read'],\n },\n async authCallback({ accessToken }) {\n const microsoft = purest({ provider: 'microsoft' });\n\n return microsoft\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.userPrincipalName,\n email: body.userPrincipalName,\n }));\n },\n },\n\n twitter: {\n enabled: false,\n icon: 'twitter',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitter/callback`,\n },\n async authCallback({ accessToken, query, providers }) {\n const twitter = purest({\n provider: 'twitter',\n defaults: {\n oauth: {\n consumer_key: providers.twitter.key,\n consumer_secret: providers.twitter.secret,\n },\n },\n });\n\n return twitter\n .get('account/verify_credentials')\n .auth(accessToken, query.access_secret)\n .qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })\n .request()\n .then(({ body }) => ({\n username: body.screen_name,\n email: body.email,\n }));\n },\n },\n instagram: {\n enabled: false,\n icon: 'instagram',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/instagram/callback`,\n scope: ['user_profile'],\n },\n async authCallback({ accessToken }) {\n const instagram = purest({ provider: 'instagram' });\n\n return instagram\n .get('me')\n .auth(accessToken)\n .qs({ fields: 'id,username' })\n .request()\n .then(({ body }) => ({\n username: body.username,\n email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email\n }));\n },\n },\n vk: {\n enabled: false,\n icon: 'vk',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/vk/callback`,\n scope: ['email'],\n },\n async authCallback({ accessToken, query }) {\n const vk = purest({ provider: 'vk' });\n\n return vk\n .get('users')\n .auth(accessToken)\n .qs({ id: query.raw.user_id, v: '5.122' })\n .request()\n .then(({ body }) => ({\n username: `${body.response[0].last_name} ${body.response[0].first_name}`,\n email: query.raw.email,\n }));\n },\n },\n\n twitch: {\n enabled: false,\n icon: 'twitch',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/twitch/callback`,\n scope: ['user:read:email'],\n },\n async authCallback({ accessToken, providers }) {\n const twitch = purest({\n provider: 'twitch',\n config: {\n twitch: {\n default: {\n origin: 'https://api.twitch.tv',\n path: 'helix/{path}',\n headers: {\n Authorization: 'Bearer {auth}',\n 'Client-Id': '{auth}',\n },\n },\n },\n },\n });\n\n return twitch\n .get('users')\n .auth(accessToken, providers.twitch.key)\n .request()\n .then(({ body }) => ({\n username: body.data[0].login,\n email: body.data[0].email,\n }));\n },\n },\n\n linkedin: {\n enabled: false,\n icon: 'linkedin',\n grantConfig: {\n key: '',\n secret: '',\n callbackUrl: `${baseURL}/linkedin/callback`,\n scope: ['r_liteprofile', 'r_emailaddress'],\n },\n async authCallback({ accessToken }) {\n const linkedIn = purest({ provider: 'linkedin' });\n const {\n body: { localizedFirstName },\n } = await linkedIn.get('me').auth(accessToken).request();\n const {\n body: { elements },\n } = await linkedIn\n .get('emailAddress?q=members&projection=(elements*(handle~))')\n .auth(accessToken)\n .request();\n\n const email = elements[0]['handle~'];\n\n return {\n username: localizedFirstName,\n email: email.emailAddress,\n };\n },\n },\n\n cognito: {\n enabled: false,\n icon: 'aws',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my.subdomain.com',\n callback: `${baseURL}/cognito/callback`,\n scope: ['email', 'openid', 'profile'],\n },\n async authCallback({ query, providers }) {\n const jwksUrl = new URL(providers.cognito.jwksurl);\n const idToken = query.id_token;\n const tokenPayload = await getCognitoPayload({ idToken, jwksUrl, purest });\n return {\n username: tokenPayload['cognito:username'],\n email: tokenPayload.email,\n };\n },\n },\n\n reddit: {\n enabled: false,\n icon: 'reddit',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/reddit/callback`,\n scope: ['identity'],\n },\n async authCallback({ accessToken }) {\n const reddit = purest({\n provider: 'reddit',\n config: {\n reddit: {\n default: {\n origin: 'https://oauth.reddit.com',\n path: 'api/{version}/{path}',\n version: 'v1',\n headers: {\n Authorization: 'Bearer {auth}',\n 'user-agent': 'strapi',\n },\n },\n },\n },\n });\n\n return reddit\n .get('me')\n .auth(accessToken)\n .request()\n .then(({ body }) => ({\n username: body.name,\n email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email\n }));\n },\n },\n\n auth0: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'my-tenant.eu',\n callback: `${baseURL}/auth0/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const auth0 = purest({ provider: 'auth0' });\n\n return auth0\n .get('userinfo')\n .subdomain(providers.auth0.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n const username = body.username || body.nickname || body.name || body.email.split('@')[0];\n const email = body.email || `${username.replace(/\\s+/g, '.')}@strapi.io`;\n\n return {\n username,\n email,\n };\n });\n },\n },\n\n cas: {\n enabled: false,\n icon: 'book',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/cas/callback`,\n scope: ['openid email'], // scopes should be space delimited\n subdomain: 'my.subdomain.com/cas',\n },\n async authCallback({ accessToken, providers }) {\n const cas = purest({ provider: 'cas' });\n\n return cas\n .get('oidc/profile')\n .subdomain(providers.cas.subdomain)\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n // CAS attribute may be in body.attributes or \"FLAT\", depending on CAS config\n const username = body.attributes\n ? body.attributes.strapiusername || body.id || body.sub\n : body.strapiusername || body.id || body.sub;\n const email = body.attributes\n ? body.attributes.strapiemail || body.attributes.email\n : body.strapiemail || body.email;\n if (!username || !email) {\n strapi.log.warn(\n `CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`\n );\n }\n return {\n username,\n email,\n };\n });\n },\n },\n\n patreon: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n callback: `${baseURL}/patreon/callback`,\n scope: ['identity', 'identity[email]'],\n },\n async authCallback({ accessToken }) {\n const patreon = purest({\n provider: 'patreon',\n config: {\n patreon: {\n default: {\n origin: 'https://www.patreon.com',\n path: 'api/oauth2/{path}',\n headers: {\n authorization: 'Bearer {auth}',\n },\n },\n },\n },\n });\n\n return patreon\n .get('v2/identity')\n .auth(accessToken)\n .qs(new URLSearchParams({ 'fields[user]': 'full_name,email' }).toString())\n .request()\n .then(({ body }) => {\n const patreonData = body.data.attributes;\n return {\n username: patreonData.full_name,\n email: patreonData.email,\n };\n });\n },\n },\n keycloak: {\n enabled: false,\n icon: '',\n grantConfig: {\n key: '',\n secret: '',\n subdomain: 'myKeycloakProvider.com/realms/myrealm',\n callback: `${baseURL}/keycloak/callback`,\n scope: ['openid', 'email', 'profile'],\n },\n async authCallback({ accessToken, providers }) {\n const keycloak = purest({ provider: 'keycloak' });\n\n return keycloak\n .subdomain(providers.keycloak.subdomain)\n .get('protocol/openid-connect/userinfo')\n .auth(accessToken)\n .request()\n .then(({ body }) => {\n return {\n username: body.preferred_username,\n email: body.email,\n };\n });\n },\n },\n});\n\nmodule.exports = () => {\n const purest = require('purest');\n\n const apiPrefix = strapi.config.get('api.rest.prefix');\n const baseURL = urljoin(strapi.config.server.url, apiPrefix, 'auth');\n\n const authProviders = initProviders({ baseURL, purest });\n\n /**\n * @public\n */\n return {\n getAll() {\n return authProviders;\n },\n get(name) {\n return authProviders[name];\n },\n add(name, config) {\n authProviders[name] = config;\n },\n remove(name) {\n delete authProviders[name];\n },\n\n /**\n * @internal\n */\n async run({ provider, accessToken, query, providers }) {\n const authProvider = authProviders[provider];\n\n assert(authProvider, 'Unknown auth provider');\n\n return authProvider.authCallback({ accessToken, query, providers, purest });\n },\n };\n};\n"],"names":["strict","assert","require$$0","jwt","require$$1","urljoin","require$$2","jwkToPem","require$$3","getCognitoPayload","idToken","jwksUrl","purest","header","kid","payload","decode","complete","Error","config","cognito","discovery","origin","path","pathname","provider","body","jwk","request","key","keys","find","jwkKid","pem","decodedToken","Promise","resolve","reject","verify","algorithms","err","initProviders","baseURL","email","enabled","icon","grantConfig","discord","secret","callbackUrl","scope","authCallback","accessToken","get","auth","then","username","discriminator","facebook","qs","fields","name","google","query","split","github","defaults","headers","userBody","login","emailBody","Array","isArray","primary","microsoft","userPrincipalName","twitter","providers","oauth","consumer_key","consumer_secret","access_secret","screen_name","include_email","instagram","vk","id","raw","user_id","v","response","last_name","first_name","twitch","default","Authorization","data","linkedin","linkedIn","localizedFirstName","elements","emailAddress","subdomain","callback","URL","jwksurl","id_token","tokenPayload","reddit","version","auth0","nickname","replace","cas","attributes","strapiusername","sub","strapiemail","strapi","log","warn","JSON","stringify","patreon","authorization","URLSearchParams","toString","patreonData","full_name","keycloak","preferred_username","providersRegistry","require$$4","apiPrefix","server","url","authProviders","getAll","add","remove","run","authProvider"],"mappings":";;;;;;;;;;;AAEA,IAAA,MAAM,EAAEA,MAAAA,EAAQC,MAAM,EAAE,GAAGC,UAAAA;AAC3B,IAAA,MAAMC,GAAMC,GAAAA,UAAAA;AACZ,IAAA,MAAMC,OAAUC,GAAAA,UAAAA;AAChB,IAAA,MAAMC,QAAWC,GAAAA,UAAAA;IAEjB,MAAMC,iBAAAA,GAAoB,OAAO,EAAEC,OAAO,EAAEC,OAAO,EAAEC,MAAM,EAAE,GAAA;AAC3D,QAAA,MAAM,EACJC,MAAAA,EAAQ,EAAEC,GAAG,EAAE,EACfC,OAAO,EACR,GAAGZ,GAAAA,CAAIa,MAAM,CAACN,OAAS,EAAA;YAAEO,QAAU,EAAA;AAAI,SAAA,CAAA;QAExC,IAAI,CAACF,OAAW,IAAA,CAACD,GAAK,EAAA;AACpB,YAAA,MAAM,IAAII,KAAM,CAAA,iCAAA,CAAA;AACjB;AAED,QAAA,MAAMC,MAAS,GAAA;YACbC,OAAS,EAAA;gBACPC,SAAW,EAAA;AACTC,oBAAAA,MAAAA,EAAQX,QAAQW,MAAM;AACtBC,oBAAAA,IAAAA,EAAMZ,QAAQa;AACf;AACF;AACL,SAAA;QACE,IAAI;AACF,YAAA,MAAMJ,UAAUR,MAAO,CAAA;gBAAEa,QAAU,EAAA,SAAA;AAAWN,gBAAAA;AAAM,aAAA,CAAA;;YAEpD,MAAM,EAAEO,MAAMC,GAAG,EAAE,GAAG,MAAMP,OAAAA,CAAQ,aAAaQ,OAAO,EAAA;;AAExD,YAAA,MAAMC,GAAMF,GAAAA,GAAAA,CAAIG,IAAI,CAACC,IAAI,CAAC,CAAC,EAAEjB,GAAKkB,EAAAA,MAAM,EAAE,GAAKA,MAAWlB,KAAAA,GAAAA,CAAAA;AAC1D,YAAA,MAAMmB,MAAM1B,QAASsB,CAAAA,GAAAA,CAAAA;;AAGrB,YAAA,MAAMK,YAAe,GAAA,MAAM,IAAIC,OAAAA,CAAQ,CAACC,OAASC,EAAAA,MAAAA,GAAAA;gBAC/ClC,GAAImC,CAAAA,MAAM,CAAC5B,OAAAA,EAASuB,GAAK,EAAA;oBAAEM,UAAY,EAAA;AAAC,wBAAA;AAAQ;AAAE,iBAAA,EAAE,CAACC,GAAKN,EAAAA,YAAAA,GAAAA;AACxD,oBAAA,IAAIM,GAAK,EAAA;AACPH,wBAAAA,MAAAA,EAAAA;AACD;oBACDD,OAAQF,CAAAA,YAAAA,CAAAA;AAChB,iBAAA,CAAA;AACA,aAAA,CAAA;YACI,OAAOA,YAAAA;AACR,SAAA,CAAC,OAAOM,GAAK,EAAA;AACZ,YAAA,MAAM,IAAItB,KAAM,CAAA,wCAAA,CAAA;AACjB;AACH,KAAA;IAEA,MAAMuB,aAAAA,GAAgB,CAAC,EAAEC,OAAO,EAAE9B,MAAM,EAAE,IAAM;YAC9C+B,KAAO,EAAA;gBACLC,OAAS,EAAA,IAAA;gBACTC,IAAM,EAAA,UAAA;AACNC,gBAAAA,WAAAA,EAAa;AACd,aAAA;YACDC,OAAS,EAAA;gBACPH,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,iBAAiB,CAAC;oBAC1CQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAQ;AAC7B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAML,UAAUnC,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAW,qBAAA,CAAA;AAE9C,oBAAA,OAAOsB,OACJM,CAAAA,GAAG,CAAC,WAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;AAEb,wBAAA,MAAM8B,WACJ9B,IAAK+B,CAAAA,aAAa,IAAI/B,IAAK+B,CAAAA,aAAa,KAAK,GACzC,GAAA,CAAA,EAAG/B,KAAK8B,QAAQ,CAAC,CAAC,EAAE9B,IAAAA,CAAK+B,aAAa,CAAE,CAAA,GACxC/B,KAAK8B,QAAQ;wBACnB,OAAO;AACLA,4BAAAA,QAAAA;AACAb,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDe,QAAU,EAAA;gBACRd,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,iBAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMM,WAAW9C,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOiC,QAAAA,CACJL,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDmB,MAAQ,EAAA;gBACNlB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMU,SAASlD,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAU,qBAAA,CAAA;oBAE5C,OAAOqC,MAAAA,CACJC,KAAK,CAAC,OAAA,CAAA,CACNV,GAAG,CAAC,WAAA,CAAA,CACJM,EAAE,CAAC;AAAEP,wBAAAA;qBACLxB,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;AAClCrB,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDsB,MAAQ,EAAA;gBACNrB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA,MAAA;AAAQ,wBAAA;AAAa;AAC9B,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMa,SAASrD,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVyC,QAAU,EAAA;4BACRC,OAAS,EAAA;gCACP,YAAc,EAAA;AACf;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,MAAM,EAAEzC,IAAAA,EAAM0C,QAAQ,EAAE,GAAG,MAAMH,MAAOZ,CAAAA,GAAG,CAAC,MAAA,CAAA,CAAQC,IAAI,CAACF,aAAaxB,OAAO,EAAA;;oBAG7E,IAAIwC,QAAAA,CAASzB,KAAK,EAAE;wBAClB,OAAO;AACLa,4BAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,4BAAAA,KAAAA,EAAOyB,SAASzB;AAC1B,yBAAA;AACO;;AAED,oBAAA,MAAM,EAAEjB,IAAAA,EAAM4C,SAAS,EAAE,GAAG,MAAML,MAAOZ,CAAAA,GAAG,CAAC,aAAA,CAAA,CAAeC,IAAI,CAACF,aAAaxB,OAAO,EAAA;oBAErF,OAAO;AACL4B,wBAAAA,QAAAA,EAAUY,SAASC,KAAK;AACxB1B,wBAAAA,KAAAA,EAAO4B,KAAMC,CAAAA,OAAO,CAACF,SAAAA,CAAAA,GACjBA,UAAUvC,IAAI,CAAC,CAACY,KAAAA,GAAUA,KAAM8B,CAAAA,OAAO,KAAK,IAAA,CAAA,CAAM9B,KAAK,GACvD;AACZ,qBAAA;AACK;AACF,aAAA;YACD+B,SAAW,EAAA;gBACT9B,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAY;AACrB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMsB,YAAY9D,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;AAElD,oBAAA,OAAOiD,UACJrB,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKiD,iBAAiB;AAChChC,4BAAAA,KAAAA,EAAOjB,KAAKiD;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YAEDC,OAAS,EAAA;gBACPhC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,SAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,iBAAiB;AAC1C,iBAAA;AACD,gBAAA,MAAMS,cAAa,EAAEC,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;AAClD,oBAAA,MAAMD,UAAUhE,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVyC,QAAU,EAAA;4BACRY,KAAO,EAAA;gCACLC,YAAcF,EAAAA,SAAAA,CAAUD,OAAO,CAAC/C,GAAG;gCACnCmD,eAAiBH,EAAAA,SAAAA,CAAUD,OAAO,CAAC5B;AACpC;AACF;AACT,qBAAA,CAAA;oBAEM,OAAO4B,OAAAA,CACJvB,GAAG,CAAC,4BACJC,CAAAA,CAAAA,IAAI,CAACF,WAAAA,EAAaW,KAAMkB,CAAAA,aAAa,CACrCtB,CAAAA,EAAE,CAAC;wBAAEuB,WAAanB,EAAAA,KAAK,CAAC,kBAAmB,CAAA;wBAAEoB,aAAe,EAAA;qBAC5DvD,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKwD,WAAW;AAC1BvC,4BAAAA,KAAAA,EAAOjB,KAAKiB;yBACb,CAAA,CAAA;AACJ;AACF,aAAA;YACDyC,SAAW,EAAA;gBACTxC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,WAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,mBAAmB,CAAC;oBAC5CQ,KAAO,EAAA;AAAC,wBAAA;AAAe;AACxB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMgC,YAAYxE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAa,qBAAA,CAAA;oBAElD,OAAO2D,SAAAA,CACJ/B,GAAG,CAAC,IAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAEC,MAAQ,EAAA;qBACbhC,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAK8B,QAAQ;AACvBb,4BAAAA,KAAAA,EAAO,CAAGjB,EAAAA,IAAAA,CAAK8B,QAAQ,CAAC,UAAU;yBACnC,CAAA,CAAA;AACJ;AACF,aAAA;YACD6B,EAAI,EAAA;gBACFzC,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,IAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,YAAY,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA;AAAQ;AACjB,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEW,KAAK,EAAE,EAAA;AACvC,oBAAA,MAAMsB,KAAKzE,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAM,qBAAA,CAAA;oBAEpC,OAAO4D,EAAAA,CACJhC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,CAAAA,CACLO,EAAE,CAAC;wBAAE2B,EAAIvB,EAAAA,KAAAA,CAAMwB,GAAG,CAACC,OAAO;wBAAEC,CAAG,EAAA;qBAC/B7D,CAAAA,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU,GAAG9B,IAAKgE,CAAAA,QAAQ,CAAC,CAAA,CAAE,CAACC,SAAS,CAAC,CAAC,EAAEjE,KAAKgE,QAAQ,CAAC,CAAE,CAAA,CAACE,UAAU,CAAE,CAAA;4BACxEjD,KAAOoB,EAAAA,KAAAA,CAAMwB,GAAG,CAAC5C;yBAClB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDkD,MAAQ,EAAA;gBACNjD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,gBAAgB,CAAC;oBACzCQ,KAAO,EAAA;AAAC,wBAAA;AAAkB;AAC3B,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMgB,SAASjF,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACN0E,MAAQ,EAAA;gCACNC,OAAS,EAAA;oCACPxE,MAAQ,EAAA,uBAAA;oCACRC,IAAM,EAAA,cAAA;oCACN4C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,WAAa,EAAA;AACd;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOF,MAAAA,CACJxC,GAAG,CAAC,OAAA,CAAA,CACJC,IAAI,CAACF,WAAAA,EAAayB,UAAUgB,MAAM,CAAChE,GAAG,CACtCD,CAAAA,OAAO,GACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAAC3B,KAAK;AAC5B1B,4BAAAA,KAAAA,EAAOjB,IAAKsE,CAAAA,IAAI,CAAC,CAAA,CAAE,CAACrD;yBACrB,CAAA,CAAA;AACJ;AACF,aAAA;YAEDsD,QAAU,EAAA;gBACRrD,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,UAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRC,WAAa,EAAA,CAAA,EAAGP,OAAQ,CAAA,kBAAkB,CAAC;oBAC3CQ,KAAO,EAAA;AAAC,wBAAA,eAAA;AAAiB,wBAAA;AAAiB;AAC3C,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAM8C,WAAWtF,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;AAChD,oBAAA,MAAM,EACJC,IAAAA,EAAM,EAAEyE,kBAAkB,EAAE,EAC7B,GAAG,MAAMD,QAAAA,CAAS7C,GAAG,CAAC,IAAA,CAAA,CAAMC,IAAI,CAACF,aAAaxB,OAAO,EAAA;AACtD,oBAAA,MAAM,EACJF,IAAAA,EAAM,EAAE0E,QAAQ,EAAE,EACnB,GAAG,MAAMF,QAAAA,CACP7C,GAAG,CAAC,wDAAA,CAAA,CACJC,IAAI,CAACF,aACLxB,OAAO,EAAA;AAEV,oBAAA,MAAMe,KAAQyD,GAAAA,QAAQ,CAAC,CAAA,CAAE,CAAC,SAAU,CAAA;oBAEpC,OAAO;wBACL5C,QAAU2C,EAAAA,kBAAAA;AACVxD,wBAAAA,KAAAA,EAAOA,MAAM0D;AACrB,qBAAA;AACK;AACF,aAAA;YAEDjF,OAAS,EAAA;gBACPwB,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,KAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,kBAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,OAAA;AAAS,wBAAA,QAAA;AAAU,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEY,KAAK,EAAEc,SAAS,EAAE,EAAA;AACrC,oBAAA,MAAMlE,UAAU,IAAI6F,GAAAA,CAAI3B,SAAUzD,CAAAA,OAAO,CAACqF,OAAO,CAAA;oBACjD,MAAM/F,OAAAA,GAAUqD,MAAM2C,QAAQ;oBAC9B,MAAMC,YAAAA,GAAe,MAAMlG,iBAAkB,CAAA;AAAEC,wBAAAA,OAAAA;AAASC,wBAAAA,OAAAA;AAASC,wBAAAA;AAAM,qBAAA,CAAA;oBACvE,OAAO;wBACL4C,QAAUmD,EAAAA,YAAY,CAAC,kBAAmB,CAAA;AAC1ChE,wBAAAA,KAAAA,EAAOgE,aAAahE;AAC5B,qBAAA;AACK;AACF,aAAA;YAEDiE,MAAQ,EAAA;gBACNhE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,QAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,gBAAgB,CAAC;oBACtCQ,KAAO,EAAA;AAAC,wBAAA;AAAW;AACpB,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMwD,SAAShG,MAAO,CAAA;wBACpBa,QAAU,EAAA,QAAA;wBACVN,MAAQ,EAAA;4BACNyF,MAAQ,EAAA;gCACNd,OAAS,EAAA;oCACPxE,MAAQ,EAAA,0BAAA;oCACRC,IAAM,EAAA,sBAAA;oCACNsF,OAAS,EAAA,IAAA;oCACT1C,OAAS,EAAA;wCACP4B,aAAe,EAAA,eAAA;wCACf,YAAc,EAAA;AACf;AACF;AACF;AACF;AACT,qBAAA,CAAA;AAEM,oBAAA,OAAOa,OACJvD,GAAG,CAAC,IACJC,CAAAA,CAAAA,IAAI,CAACF,WACLxB,CAAAA,CAAAA,OAAO,EACP2B,CAAAA,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,IAAM;AACnB8B,4BAAAA,QAAAA,EAAU9B,KAAKmC,IAAI;AACnBlB,4BAAAA,KAAAA,EAAO,CAAGjB,EAAAA,IAAAA,CAAKmC,IAAI,CAAC,UAAU;yBAC/B,CAAA,CAAA;AACJ;AACF,aAAA;YAEDiD,KAAO,EAAA;gBACLlE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,cAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,eAAe,CAAC;oBACrCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMiC,QAAQlG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAS,qBAAA,CAAA;oBAE1C,OAAOqF,KAAAA,CACJzD,GAAG,CAAC,UAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUiC,KAAK,CAACR,SAAS,EACnChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAM8B,WAAW9B,IAAK8B,CAAAA,QAAQ,IAAI9B,IAAAA,CAAKqF,QAAQ,IAAIrF,IAAAA,CAAKmC,IAAI,IAAInC,KAAKiB,KAAK,CAACqB,KAAK,CAAC,GAAA,CAAI,CAAC,CAAE,CAAA;wBACxF,MAAMrB,KAAAA,GAAQjB,IAAKiB,CAAAA,KAAK,IAAI,CAAA,EAAGa,QAASwD,CAAAA,OAAO,CAAC,MAAA,EAAQ,GAAK,CAAA,CAAA,UAAU,CAAC;wBAExE,OAAO;AACLxD,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDsE,GAAK,EAAA;gBACHrE,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,MAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,aAAa,CAAC;oBACnCQ,KAAO,EAAA;AAAC,wBAAA;AAAe,qBAAA;oBACvBoD,SAAW,EAAA;AACZ,iBAAA;AACD,gBAAA,MAAMnD,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoC,MAAMrG,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAO,qBAAA,CAAA;oBAEtC,OAAOwF,GAAAA,CACJ5D,GAAG,CAAC,cAAA,CAAA,CACJiD,SAAS,CAACzB,SAAAA,CAAUoC,GAAG,CAACX,SAAS,EACjChD,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;;wBAEb,MAAM8B,QAAAA,GAAW9B,KAAKwF,UAAU,GAC5BxF,KAAKwF,UAAU,CAACC,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAK0F,CAAAA,GAAG,GACrD1F,IAAKyF,CAAAA,cAAc,IAAIzF,IAAK4D,CAAAA,EAAE,IAAI5D,IAAAA,CAAK0F,GAAG;AAC9C,wBAAA,MAAMzE,QAAQjB,IAAKwF,CAAAA,UAAU,GACzBxF,IAAKwF,CAAAA,UAAU,CAACG,WAAW,IAAI3F,IAAKwF,CAAAA,UAAU,CAACvE,KAAK,GACpDjB,KAAK2F,WAAW,IAAI3F,KAAKiB,KAAK;wBAClC,IAAI,CAACa,QAAY,IAAA,CAACb,KAAO,EAAA;4BACvB2E,MAAOC,CAAAA,GAAG,CAACC,IAAI,CACb,CAAC,uDAAuD,EAAEC,IAAAA,CAAKC,SAAS,CAAChG,IAAO,CAAA,CAAA,CAAA,CAAA;AAEnF;wBACD,OAAO;AACL8B,4BAAAA,QAAAA;AACAb,4BAAAA;AACZ,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YAEDgF,OAAS,EAAA;gBACP/E,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRuD,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,iBAAiB,CAAC;oBACvCQ,KAAO,EAAA;AAAC,wBAAA,UAAA;AAAY,wBAAA;AAAkB;AACvC,iBAAA;gBACD,MAAMC,YAAAA,CAAAA,CAAa,EAAEC,WAAW,EAAE,EAAA;AAChC,oBAAA,MAAMuE,UAAU/G,MAAO,CAAA;wBACrBa,QAAU,EAAA,SAAA;wBACVN,MAAQ,EAAA;4BACNwG,OAAS,EAAA;gCACP7B,OAAS,EAAA;oCACPxE,MAAQ,EAAA,yBAAA;oCACRC,IAAM,EAAA,mBAAA;oCACN4C,OAAS,EAAA;wCACPyD,aAAe,EAAA;AAChB;AACF;AACF;AACF;AACT,qBAAA,CAAA;oBAEM,OAAOD,OAAAA,CACJtE,GAAG,CAAC,aACJC,CAAAA,CAAAA,IAAI,CAACF,WACLO,CAAAA,CAAAA,EAAE,CAAC,IAAIkE,eAAgB,CAAA;wBAAE,cAAgB,EAAA;qBAAqBC,CAAAA,CAAAA,QAAQ,IACtElG,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;AACb,wBAAA,MAAMqG,WAAcrG,GAAAA,IAAAA,CAAKsE,IAAI,CAACkB,UAAU;wBACxC,OAAO;AACL1D,4BAAAA,QAAAA,EAAUuE,YAAYC,SAAS;AAC/BrF,4BAAAA,KAAAA,EAAOoF,YAAYpF;AAC/B,yBAAA;AACA,qBAAA,CAAA;AACK;AACF,aAAA;YACDsF,QAAU,EAAA;gBACRrF,OAAS,EAAA,KAAA;gBACTC,IAAM,EAAA,EAAA;gBACNC,WAAa,EAAA;oBACXjB,GAAK,EAAA,EAAA;oBACLmB,MAAQ,EAAA,EAAA;oBACRsD,SAAW,EAAA,uCAAA;oBACXC,QAAU,EAAA,CAAA,EAAG7D,OAAQ,CAAA,kBAAkB,CAAC;oBACxCQ,KAAO,EAAA;AAAC,wBAAA,QAAA;AAAU,wBAAA,OAAA;AAAS,wBAAA;AAAU;AACtC,iBAAA;AACD,gBAAA,MAAMC,YAAa,CAAA,CAAA,EAAEC,WAAW,EAAEyB,SAAS,EAAE,EAAA;AAC3C,oBAAA,MAAMoD,WAAWrH,MAAO,CAAA;wBAAEa,QAAU,EAAA;AAAY,qBAAA,CAAA;oBAEhD,OAAOwG,QAAAA,CACJ3B,SAAS,CAACzB,SAAAA,CAAUoD,QAAQ,CAAC3B,SAAS,EACtCjD,GAAG,CAAC,oCACJC,IAAI,CAACF,aACLxB,OAAO,EAAA,CACP2B,IAAI,CAAC,CAAC,EAAE7B,IAAI,EAAE,GAAA;wBACb,OAAO;AACL8B,4BAAAA,QAAAA,EAAU9B,KAAKwG,kBAAkB;AACjCvF,4BAAAA,KAAAA,EAAOjB,KAAKiB;AACxB,yBAAA;AACA,qBAAA,CAAA;AACK;AACF;SACH,CAAA;IAEAwF,iBAAiB,GAAA,IAAA;AACf,QAAA,MAAMvH,MAASwH,GAAAA,UAAAA;AAEf,QAAA,MAAMC,SAAYf,GAAAA,MAAAA,CAAOnG,MAAM,CAACkC,GAAG,CAAC,iBAAA,CAAA;QACpC,MAAMX,OAAAA,GAAUrC,QAAQiH,MAAOnG,CAAAA,MAAM,CAACmH,MAAM,CAACC,GAAG,EAAEF,SAAW,EAAA,MAAA,CAAA;AAE7D,QAAA,MAAMG,gBAAgB/F,aAAc,CAAA;AAAEC,YAAAA,OAAAA;AAAS9B,YAAAA;AAAQ,SAAA,CAAA;AAEzD;;AAEA,OACE,OAAO;AACL6H,YAAAA,MAAAA,CAAAA,GAAAA;gBACE,OAAOD,aAAAA;AACR,aAAA;AACDnF,YAAAA,GAAAA,CAAAA,CAAIQ,IAAI,EAAA;gBACN,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;YACD6E,GAAI7E,CAAAA,CAAAA,IAAI,EAAE1C,MAAM,EAAA;gBACdqH,aAAa,CAAC3E,KAAK,GAAG1C,MAAAA;AACvB,aAAA;AACDwH,YAAAA,MAAAA,CAAAA,CAAO9E,IAAI,EAAA;gBACT,OAAO2E,aAAa,CAAC3E,IAAK,CAAA;AAC3B,aAAA;AAEL;;SAGI,MAAM+E,GAAI,CAAA,CAAA,EAAEnH,QAAQ,EAAE2B,WAAW,EAAEW,KAAK,EAAEc,SAAS,EAAE,EAAA;gBACnD,MAAMgE,YAAAA,GAAeL,aAAa,CAAC/G,QAAS,CAAA;AAE5CxB,gBAAAA,MAAAA,CAAO4I,YAAc,EAAA,uBAAA,CAAA;gBAErB,OAAOA,YAAAA,CAAa1F,YAAY,CAAC;AAAEC,oBAAAA,WAAAA;AAAaW,oBAAAA,KAAAA;AAAOc,oBAAAA,SAAAA;AAAWjE,oBAAAA;AAAM,iBAAA,CAAA;AACzE;AACL,SAAA;AACA,KAAA;;;;;;"}